[FAILED] Unexpected error: <*fmt.wrapError | 0xc0009e0300>: error migrating project konflux-qe/build-nudge-parent to konflux-qe/build-nudge-parent-vhbima (last error: You have already reached your limit of 100 repositories.): context deadline exceeded { msg: "error migrating project konflux-qe/build-nudge-parent to konflux-qe/build-nudge-parent-vhbima (last error: You have already reached your limit of 100 repositories.): context deadline exceeded", err: <context.deadlineExceededError>{}, } occurred In [BeforeAll] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:131 @ 04/19/26 13:55:38.36 There were additional failures detected after the initial failure. These are visible in the timeline > Enter [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:50:24.271 [FAILED] Unexpected error: <*fmt.wrapError | 0xc0009e0300>: error migrating project konflux-qe/build-nudge-parent to konflux-qe/build-nudge-parent-vhbima (last error: You have already reached your limit of 100 repositories.): context deadline exceeded { msg: "error migrating project konflux-qe/build-nudge-parent to konflux-qe/build-nudge-parent-vhbima (last error: You have already reached your limit of 100 repositories.): context deadline exceeded", err: <context.deadlineExceededError>{}, } occurred In [BeforeAll] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:131 @ 04/19/26 13:55:38.36 < Exit [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:55:38.36 (5m14.089s) > Enter [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 13:55:38.36 [FAILED] Timed out after 120.000s. Expected success, but got an error: <*errors.errorString | 0xc000fc40b0>: could not check for namespace '' existence: resource name may not be empty { s: "could not check for namespace '' existence: resource name may not be empty", } In [AfterAll] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:230 @ 04/19/26 13:57:38.361 < Exit [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 13:57:38.361 (2m0.001s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:57:38.361 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:57:38.54 (179ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:259 @ 04/19/26 13:57:38.541 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:274 @ 04/19/26 13:57:38.541 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:285 @ 04/19/26 13:57:38.542 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:289 @ 04/19/26 13:57:38.542 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:307 @ 04/19/26 13:57:38.542 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:318 @ 04/19/26 13:57:38.542 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:358 @ 04/19/26 13:57:38.542 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:375 @ 04/19/26 13:57:38.543 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:385 @ 04/19/26 13:57:38.543 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:401 @ 04/19/26 13:57:38.543 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:412 @ 04/19/26 13:57:38.543 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:429 @ 04/19/26 13:57:38.543 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:440 @ 04/19/26 13:57:38.543 > Enter [BeforeAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:34 @ 04/19/26 13:50:24.373 < Exit [BeforeAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:34 @ 04/19/26 13:50:48.746 (24.373s) > Enter [It] block-releases true in ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:69 @ 04/19/26 13:50:48.746 < Exit [It] block-releases true in ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:69 @ 04/19/26 13:50:57.899 (9.153s) > Enter [AfterEach] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:32 @ 04/19/26 13:50:57.899 < Exit [AfterEach] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:32 @ 04/19/26 13:50:57.899 (0s) > Enter [AfterAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:61 @ 04/19/26 13:50:57.899 < Exit [AfterAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/block_releases_release_plan_admission.go:61 @ 04/19/26 13:51:31.092 (33.193s) > Enter [BeforeAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:34 @ 04/19/26 13:50:24.07 < Exit [BeforeAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:34 @ 04/19/26 13:50:55.189 (31.119s) > Enter [It] missing ReleasePlan makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:66 @ 04/19/26 13:50:55.189 < Exit [It] missing ReleasePlan makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:66 @ 04/19/26 13:51:03.593 (8.403s) > Enter [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/19/26 13:51:03.593 < Exit [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/19/26 13:51:03.593 (0s) > Enter [It] missing ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:76 @ 04/19/26 13:51:03.593 < Exit [It] missing ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:76 @ 04/19/26 13:51:03.63 (36ms) > Enter [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/19/26 13:51:03.63 < Exit [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/19/26 13:51:03.63 (0s) > Enter [AfterAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:58 @ 04/19/26 13:51:03.63 < Exit [AfterAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.Z3cR7n2baf/tests/release/service/missing_release_plan_and_admission.go:58 @ 04/19/26 13:51:42.768 (39.138s) > Enter [BeforeAll] test build annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:35 @ 04/19/26 13:50:24.468 < Exit [BeforeAll] test build annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:35 @ 04/19/26 13:50:28.604 (4.136s) > Enter [BeforeAll] when component is created with invalid build request annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:69 @ 04/19/26 13:50:28.604 Image repository for component test-annotations-jkefhp in namespace build-e2e-izor do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when component is created with invalid build request annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:69 @ 04/19/26 13:50:49.374 (20.77s) > Enter [It] handles invalid request annotation - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:89 @ 04/19/26 13:50:49.374 build status annotation value: {"message":"unexpected build request: foo"} < Exit [It] handles invalid request annotation - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:89 @ 04/19/26 13:51:49.388 (1m0.014s) > Enter [AfterAll] test build annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:51 @ 04/19/26 13:51:49.388 < Exit [AfterAll] test build annotations - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:51 @ 04/19/26 13:51:51.434 (2.046s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:24 @ 04/19/26 13:51:51.435 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/annotations.go:24 @ 04/19/26 13:51:51.435 (0s) > Enter [BeforeAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:41 @ 04/19/26 13:50:24.268 snapshotPush.Name: %s snapshot-sample-eccd < Exit [BeforeAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:41 @ 04/19/26 13:50:36.755 (12.487s) > Enter [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:110 @ 04/19/26 13:50:36.756 < Exit [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:110 @ 04/19/26 13:50:38.946 (2.19s) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:50:38.946 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:50:38.946 (0s) > Enter [It] verifies that Tenant PipelineRun is triggered - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:117 @ 04/19/26 13:50:38.947 PipelineRun has not been created yet for release %s/%s tenant-dev-swsv snapshot-sample-eccd-5bj4f PipelineRun tenant-46wq9 reason: PipelineRunPending PipelineRun tenant-46wq9 reason: Succeeded < Exit [It] verifies that Tenant PipelineRun is triggered - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:117 @ 04/19/26 13:51:18.956 (40.009s) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:51:18.956 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:51:18.956 (0s) > Enter [It] verifies that a Release is marked as succeeded. - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:121 @ 04/19/26 13:51:18.956 < Exit [It] verifies that a Release is marked as succeeded. - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:121 @ 04/19/26 13:51:18.964 (7ms) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:51:18.964 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:28 @ 04/19/26 13:51:18.964 (0s) > Enter [AfterAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:102 @ 04/19/26 13:51:18.964 < Exit [AfterAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.Z3cR7n2baf/tests/release/service/tenant_pipelines.go:102 @ 04/19/26 13:52:46.008 (1m27.044s) > Enter [BeforeAll] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:42 @ 04/19/26 13:50:24.373 snapshotPush.Name: %s snapshot-sample-adio < Exit [BeforeAll] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:42 @ 04/19/26 13:50:59.625 (35.252s) > Enter [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:151 @ 04/19/26 13:50:59.625 < Exit [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:151 @ 04/19/26 13:51:02.092 (2.467s) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:51:02.092 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:51:02.092 (0s) > Enter [It] verifies that Release PipelineRun is triggered - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:158 @ 04/19/26 13:51:02.093 PipelineRun has not been created yet for release %s/%s happy-path-eidf snapshot-sample-adio-4v6hq PipelineRun managed-wgvrk reason: Running PipelineRun managed-wgvrk reason: Running PipelineRun managed-wgvrk reason: Running PipelineRun managed-wgvrk reason: Succeeded < Exit [It] verifies that Release PipelineRun is triggered - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:158 @ 04/19/26 13:52:22.122 (1m20.029s) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.122 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.122 (0s) > Enter [It] verifies that Enterprise Contract Task has succeeded in the Release PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:162 @ 04/19/26 13:52:22.123 the status of the verify-conforma TaskRun on the release pipeline is: [{Succeeded True {2026-04-19 13:52:13 +0000 UTC} Succeeded All Steps have completed executing}] < Exit [It] verifies that Enterprise Contract Task has succeeded in the Release PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:162 @ 04/19/26 13:52:22.173 (50ms) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.174 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.174 (0s) > Enter [It] verifies that a Release is marked as succeeded. - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:174 @ 04/19/26 13:52:22.174 < Exit [It] verifies that a Release is marked as succeeded. - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:174 @ 04/19/26 13:52:22.189 (15ms) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.189 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:27 @ 04/19/26 13:52:22.189 (0s) > Enter [AfterAll] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:142 @ 04/19/26 13:52:22.189 < Exit [AfterAll] [release-service-suite Release service happy path] - /tmp/tmp.Z3cR7n2baf/tests/release/service/happy_path.go:142 @ 04/19/26 13:53:47.29 (1m25.101s) > Enter [BeforeAll] test build secret lookup - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:32 @ 04/19/26 13:50:24.368 < Exit [BeforeAll] test build secret lookup - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:32 @ 04/19/26 13:50:32.206 (7.838s) > Enter [BeforeAll] when two secrets are created - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:100 @ 04/19/26 13:50:32.206 < Exit [BeforeAll] when two secrets are created - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:100 @ 04/19/26 13:50:32.223 (17ms) > Enter [It] creates first component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:123 @ 04/19/26 13:50:32.223 Image repository for component component-one-lhcg in namespace build-e2e-adbs do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates first component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:123 @ 04/19/26 13:50:52.312 (20.089s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:50:52.313 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:50:52.313 (0s) > Enter [It] creates second component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:140 @ 04/19/26 13:50:52.314 Image repository for component component-two-kwtk in namespace build-e2e-adbs do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component component-two-kwtk in namespace build-e2e-adbs do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component component-two-kwtk in namespace build-e2e-adbs do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates second component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:140 @ 04/19/26 13:51:32.355 (40.042s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:51:32.355 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:51:32.355 (0s) > Enter [It] check first component annotation has errors - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:158 @ 04/19/26 13:51:32.356 build status annotation value: {"pac":{"state":"error","error-id":74,"error-message":"74: Access token is unrecognizable by GitHub"},"message":"done"} < Exit [It] check first component annotation has errors - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:158 @ 04/19/26 13:51:32.362 (6ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:51:32.362 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:51:32.362 (0s) > Enter [It] triggered PipelineRun is for component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:178 @ 04/19/26 13:51:32.363 PipelineRun has not been created yet for the component build-e2e-adbs/component-two-kwtk PipelineRun has not been created yet for the component build-e2e-adbs/component-two-kwtk < Exit [It] triggered PipelineRun is for component - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:178 @ 04/19/26 13:52:12.426 (40.064s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:52:12.427 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:52:12.427 (0s) > Enter [It] check only one pipelinerun should be triggered - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:193 @ 04/19/26 13:52:12.427 < Exit [It] check only one pipelinerun should be triggered - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:193 @ 04/19/26 13:54:12.428 (2m0.001s) > Enter [AfterAll] test build secret lookup - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:61 @ 04/19/26 13:54:12.429 < Exit [AfterAll] test build secret lookup - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:61 @ 04/19/26 13:54:15.557 (3.128s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:54:15.557 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/secret_lookup.go:25 @ 04/19/26 13:54:15.557 (0s) [FAILED] Failed to fork repository for fj Unexpected error: <*fmt.wrapError | 0xc000adf1c0>: error migrating project konflux-qe/devfile-sample-hello-world to konflux-qe/devfile-sample-hello-world-vpbcor (last error: You have already reached your limit of 100 repositories.): context deadline exceeded { msg: "error migrating project konflux-qe/devfile-sample-hello-world to konflux-qe/devfile-sample-hello-world-vpbcor (last error: You have already reached your limit of 100 repositories.): context deadline exceeded", err: <context.deadlineExceededError>{}, } occurred In [BeforeAll] at: /tmp/tmp.Z3cR7n2baf/tests/build/git_provider_config.go:329 @ 04/19/26 13:55:29.552 > Enter [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:50:24.271 [FAILED] Failed to fork repository for fj Unexpected error: <*fmt.wrapError | 0xc000adf1c0>: error migrating project konflux-qe/devfile-sample-hello-world to konflux-qe/devfile-sample-hello-world-vpbcor (last error: You have already reached your limit of 100 repositories.): context deadline exceeded { msg: "error migrating project konflux-qe/devfile-sample-hello-world to konflux-qe/devfile-sample-hello-world-vpbcor (last error: You have already reached your limit of 100 repositories.): context deadline exceeded", err: <context.deadlineExceededError>{}, } occurred In [BeforeAll] at: /tmp/tmp.Z3cR7n2baf/tests/build/git_provider_config.go:329 @ 04/19/26 13:55:29.552 < Exit [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:55:29.552 (5m5.281s) > Enter [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 13:55:29.552 < Exit [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 13:55:29.552 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:55:29.553 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:55:29.908 (355ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:154 @ 04/19/26 13:55:29.909 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:177 @ 04/19/26 13:55:29.909 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:192 @ 04/19/26 13:55:29.909 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:196 @ 04/19/26 13:55:29.91 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:226 @ 04/19/26 13:55:29.91 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:244 @ 04/19/26 13:55:29.91 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:250 @ 04/19/26 13:55:29.91 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:266 @ 04/19/26 13:55:29.911 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:279 @ 04/19/26 13:55:29.911 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:333 @ 04/19/26 13:55:29.911 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:348 @ 04/19/26 13:55:29.911 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:366 @ 04/19/26 13:55:29.912 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:372 @ 04/19/26 13:55:29.912 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:391 @ 04/19/26 13:55:29.912 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:404 @ 04/19/26 13:55:29.912 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:410 @ 04/19/26 13:55:29.912 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:439 @ 04/19/26 13:55:29.913 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:453 @ 04/19/26 13:55:29.913 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:478 @ 04/19/26 13:55:29.913 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:493 @ 04/19/26 13:55:29.913 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:512 @ 04/19/26 13:55:29.913 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:518 @ 04/19/26 13:55:29.914 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:544 @ 04/19/26 13:55:29.914 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:560 @ 04/19/26 13:55:29.914 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:566 @ 04/19/26 13:55:29.914 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:578 @ 04/19/26 13:55:29.915 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:609 @ 04/19/26 13:55:29.915 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:729 @ 04/19/26 13:55:29.915 > Enter [BeforeAll] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:31 @ 04/19/26 13:50:24.269 < Exit [BeforeAll] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:31 @ 04/19/26 13:50:31.435 (7.166s) > Enter [It] verifies if the chains controller is running - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:43 @ 04/19/26 13:50:31.435 < Exit [It] verifies if the chains controller is running - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:43 @ 04/19/26 13:50:31.873 (438ms) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:50:31.873 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:50:31.873 (0s) > Enter [It] verifies the signing secret is present - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:48 @ 04/19/26 13:50:31.874 < Exit [It] verifies the signing secret is present - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:48 @ 04/19/26 13:50:32.262 (388ms) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:50:32.262 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:50:32.262 (0s) > Enter [BeforeAll] test creating and signing an image and task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:73 @ 04/19/26 13:50:32.263 Creating Pipeline "buildah-demo-ofptejhqkf" Waiting for pipeline "buildah-demo-ofptejhqkf" to finish The pipeline named "buildah-demo-ofptejhqkf" in namespace "chains-e2e-dycl" succeeded The image signed by Tekton Chains is quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7 < Exit [BeforeAll] test creating and signing an image and task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:73 @ 04/19/26 13:54:56.504 (4m24.241s) > Enter [It] creates signature and attestation - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:115 @ 04/19/26 13:54:56.505 failed to get cosign result for image quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7: failed to find cosign results for image quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7: error when getting attestation tag: cannot get manifest digest from quay.io/redhat-appstudio-qe/test-images:sha256-aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7.att image. response body: {"tags": [], "page": 1, "has_additional": false} Cosign verify pass with .att and .sig ImageStreamTags found for quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7 < Exit [It] creates signature and attestation - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:115 @ 04/19/26 13:54:57.785 (1.28s) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:54:57.785 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 13:54:57.785 (0s) [FAILED] Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:190 @ 04/19/26 14:00:52.107 > Enter [BeforeAll] verify-enterprise-contract task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:133 @ 04/19/26 13:54:57.786 Copy public key from openshift-pipelines/signing-secrets to a new secret Configured Rekor host: https://rekor.sigstore.dev Using verify EC task bundle: quay.io/conforma/tekton-task:kf-cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a@sha256:3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 < Exit [BeforeAll] verify-enterprise-contract task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:133 @ 04/19/26 13:54:57.842 (56ms) > Enter [BeforeEach] verify-enterprise-contract task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:154 @ 04/19/26 13:54:57.842 < Exit [BeforeEach] verify-enterprise-contract task - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:154 @ 04/19/26 13:54:57.856 (14ms) > Enter [It] succeeds when policy is met - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:177 @ 04/19/26 13:54:57.856 Creating Pipeline "verify-enterprise-contract-run-szk9w" Waiting for pipeline "verify-enterprise-contract-run-szk9w" to finish *** TaskRun status: artifacts: {} completionTime: "2026-04-19T14:00:51Z" conditions: - lastTransitionTime: "2026-04-19T14:00:51Z" message: '"step-show-config" exited with code 2: Error' reason: Failed status: "False" type: Succeeded podName: verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod provenance: featureFlags: awaitSidecarReadiness: true coschedule: workspaces enableAPIFields: alpha enableParamEnum: true enableProvenanceInStatus: true enforceNonfalsifiability: none maxResultSize: 4096 resultExtractionMethod: termination-message runningInEnvWithInjectedSidecars: true verificationNoMatchPolicy: ignore refSource: digest: sha256: 3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 entryPoint: verify-enterprise-contract uri: quay.io/conforma/tekton-task spanContext: traceparent: 00-34aeeef362eca8e520860846da9f88f8-0d870eced5088bce-01 startTime: "2026-04-19T13:54:58Z" steps: - container: step-initialize-tuf imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf provenance: {} terminated: containerID: cri-o://b0ac0297e41cad925e8a7147cc1eb293446b3e0de0ed02bf986782c884cd71b0 exitCode: 0 finishedAt: "2026-04-19T14:00:45Z" reason: Completed startedAt: "2026-04-19T14:00:45Z" terminationReason: Skipped - container: step-reduce imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce provenance: {} terminated: containerID: cri-o://dfe1058c37195655877d72f7b41e1d4dc2e46916f1a67f7e9b908c092d01ee96 exitCode: 0 finishedAt: "2026-04-19T14:00:45Z" reason: Completed startedAt: "2026-04-19T14:00:45Z" terminationReason: Completed - container: step-validate imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate provenance: {} terminated: containerID: cri-o://0c5bef5f1aaf6a9d5cb636492573adc19ebfc29b7383a4dd93aac0887605f230 exitCode: 1 finishedAt: "2026-04-19T14:00:50Z" reason: Completed startedAt: "2026-04-19T14:00:45Z" terminationReason: Continued - container: step-report-json imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json provenance: {} terminated: containerID: cri-o://a397da7f830981cb8907767590811dc99da8fd8a2bde80e2f10aad45befcf2e8 exitCode: 0 finishedAt: "2026-04-19T14:00:50Z" reason: Completed startedAt: "2026-04-19T14:00:50Z" terminationReason: Completed - container: step-summary imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary provenance: {} terminated: containerID: cri-o://913fbdb42689043d43d57083fefdb7d8cce89781f012a5b08e6561d182e6e7c6 exitCode: 2 finishedAt: "2026-04-19T14:00:50Z" reason: Completed startedAt: "2026-04-19T14:00:50Z" terminationReason: Continued - container: step-info imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info provenance: {} terminated: containerID: cri-o://1023c3df2ffeb95999484b2664d4c72536c89739f72c847ccb21b12f6b3972ee exitCode: 0 finishedAt: "2026-04-19T14:00:50Z" reason: Completed startedAt: "2026-04-19T14:00:50Z" terminationReason: Completed - container: step-version imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version provenance: {} terminated: containerID: cri-o://52c4e7be3bf3be12a4e61d73aa935ab586259d95939b87a8d9794cda77e9acfd exitCode: 0 finishedAt: "2026-04-19T14:00:51Z" reason: Completed startedAt: "2026-04-19T14:00:51Z" terminationReason: Completed - container: step-show-config imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config provenance: {} terminated: containerID: cri-o://6658c6a231307377b18d2783cf09c77d237fcedfcbbb474020fc67b8367b3924 exitCode: 2 finishedAt: "2026-04-19T14:00:51Z" reason: Error startedAt: "2026-04-19T14:00:51Z" terminationReason: Error - container: step-assert imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert provenance: {} terminated: containerID: cri-o://0a6fa39e6ceac6fadb7c7448489ba63adde2d335d949278be63f28fe37ff5975 exitCode: 1 finishedAt: "2026-04-19T14:00:51Z" reason: Error startedAt: "2026-04-19T14:00:51Z" terminationReason: Skipped taskSpec: description: Verify the enterprise contract is met params: - description: | Spec section of an ApplicationSnapshot resource. Not all fields of the resource are required. A minimal example: ```json { "components": [ { "containerImage": "quay.io/example/repo:latest" } ] } ``` Each `containerImage` in the `components` array is validated. name: IMAGES type: string - default: enterprise-contract-service/default description: | Name of the policy configuration (EnterpriseContractPolicy resource) to use. `namespace/name` or `name` syntax supported. If namespace is omitted the namespace where the task runs is used. You can also specify a policy configuration using a git url, e.g. `github.com/conforma/config//slsa3`. name: POLICY_CONFIGURATION type: string - default: "" description: Public key used to verify signatures. Must be a valid k8s cosign reference, e.g. k8s://my-space/my-secret where my-secret contains the expected cosign.pub attribute. name: PUBLIC_KEY type: string - default: "" description: Rekor host for transparency log lookups name: REKOR_HOST type: string - default: "false" description: Skip Rekor transparency log checks during validation. name: IGNORE_REKOR type: string - default: "" description: TUF mirror URL. Provide a value when NOT using public sigstore deployment. name: TUF_MIRROR type: string - default: "" description: | Path to a directory containing SSL certs to be used when communicating with external services. This is useful when using the integrated registry and a local instance of Rekor on a development cluster which may use certificates issued by a not-commonly trusted root CA. In such cases, `/var/run/secrets/kubernetes.io/serviceaccount` is a good value. Multiple paths can be provided by using the `:` separator. name: SSL_CERT_DIR type: string - default: trusted-ca description: The name of the ConfigMap to read CA bundle data from. name: CA_TRUST_CONFIGMAP_NAME type: string - default: ca-bundle.crt description: The name of the key in the ConfigMap that contains the CA bundle data. name: CA_TRUST_CONFIG_MAP_KEY type: string - default: "true" description: Include rule titles and descriptions in the output. Set to `"false"` to disable it. name: INFO type: string - default: "true" description: Fail the task if policy fails. Set to `"false"` to disable it. name: STRICT type: string - default: /tekton/home description: Value for the HOME environment variable. name: HOMEDIR type: string - default: now description: Run policy checks with the provided time. name: EFFECTIVE_TIME type: string - default: "" description: Merge additional Rego variables into the policy data. Use syntax "key=value,key2=value2..." name: EXTRA_RULE_DATA type: string - default: "" description: | This param is deprecated and will be removed in future. Its value is ignored. EC will be run without a timeout. (If you do want to apply a timeout use the Tekton task timeout.) name: TIMEOUT type: string - default: "1" description: Number of parallel workers to use for policy evaluation. name: WORKERS type: string - default: "false" description: Reduce the Snapshot to only the component whose build caused the Snapshot to be created name: SINGLE_COMPONENT type: string - default: unknown description: | Name, including kind, of the Kubernetes resource to query for labels when single component mode is enabled, e.g. pr/somepipeline. name: SINGLE_COMPONENT_CUSTOM_RESOURCE type: string - default: "" description: | Kubernetes namespace where the SINGLE_COMPONENT_NAME is found. Only used when single component mode is enabled. name: SINGLE_COMPONENT_CUSTOM_RESOURCE_NS type: string results: - description: Short summary of the policy evaluation for each image name: TEST_OUTPUT type: string stepTemplate: computeResources: {} env: - name: HOME value: /tekton/home steps: - args: - sigstore - initialize - --mirror - "" - --root - /root.json command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf when: - operator: notin values: - "" - command: - reduce-snapshot.sh computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi env: - name: SNAPSHOT value: '{"application":"","components":[{"name":"","containerImage":"quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7","source":{}}],"artifacts":{}}' - name: SINGLE_COMPONENT value: "false" - name: CUSTOM_RESOURCE value: unknown - name: CUSTOM_RESOURCE_NAMESPACE - name: SNAPSHOT_PATH value: /tekton/home/snapshot.json image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce onError: continue - args: - validate - image - --images - /tekton/home/snapshot.json - --policy - ec-policy - --public-key - k8s://chains-e2e-dycl/cosign-public-key - --rekor-url - "" - --ignore-rekor=true - --workers - "1" - --info=true - --timeout=100h - --strict=false - --show-successes - --effective-time=now - --extra-rule-data= - --output - text?show-successes=false - --output - appstudio=/tekton/results/TEST_OUTPUT - --output - json=/tekton/home/report-json.json command: - ec computeResources: limits: memory: 2Gi requests: cpu: 1800m memory: 2Gi env: - name: SSL_CERT_DIR value: /tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/var/run/secrets/kubernetes.io/serviceaccount - name: EC_CACHE value: "false" image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate onError: continue volumeMounts: - mountPath: /etc/pki/tls/certs/ca-custom-bundle.crt name: trusted-ca readOnly: true subPath: ca-bundle.crt - args: - jq . /tekton/home/report-json.json | awk '{gsub(/^ +/, ""); acc += length; if (acc >= 8000) { printf "\n"; acc=length } printf $0 }' command: - sh - -c computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json onError: continue - args: - . - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary onError: continue - args: - | ----- DEBUG OUTPUT ----- command: - printf computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info - args: - version command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version - args: - '{policy: .policy, key: .key, "effective-time": .["effective-time"]}' - /tekton/home/report-json.json command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config - args: - --argjson - strict - "true" - -e - | .result == "SUCCESS" or .result == "WARNING" or ($strict | not) - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert volumes: - configMap: items: - key: ca-bundle.crt path: ca-bundle.crt name: trusted-ca optional: true name: trusted-ca workspaces: - description: The workspace where the snapshot spec json file resides name: data optional: true *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-initialize-tuf': ----- START -----2026/04/19 14:00:45 INFO Step was skipped due to when expressions were evaluated to false. ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-reduce': ----- START -----Single Component mode? false { "application": "", "components": [ { "name": "", "containerImage": "quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7", "source": {} } ], "artifacts": {} } ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-validate': ----- START -----Error: error validating image quay.io/redhat-appstudio-qe/test-images:buildah-demo-ofptejhqkf@sha256:aa066e3589bb1434b90337c555498279251c91049a2b063f55535f9b169ff4c7 of component : load: loading policies: get compiler: 5 errors occurred: /tmp/ec-work-715229403/policy/ecc96998b/policy/lib/sbom/sbom.rego:88: rego_type_error: undefined function ec.oci.image_referrers /tmp/ec-work-715229403/policy/ecc96998b/policy/lib/sbom/sbom.rego:98: rego_type_error: undefined function ec.oci.image_tag_refs /tmp/ec-work-715229403/policy/ecc96998b/policy/release/slsa_build_scripted_build/slsa_build_scripted_build.rego:23: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-715229403/policy/ecc96998b/policy/release/tasks/tasks.rego:37: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-715229403/policy/ecc96998b/policy/release/trusted_task/trusted_task.rego:23: rego_type_error: undefined function ec.oci.image_manifests ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-report-json': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-summary': ----- START -----jq: error: Could not open file /tekton/results/TEST_OUTPUT: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-info': ----- START ---------- DEBUG OUTPUT ----- ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-version': ----- START -----Version v0.7.111 Source ID cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a Change date 2025-07-09 12:58:49 +0000 UTC (40 weeks ago) ECC v0.1.112 OPA v0.70.0 Conftest v0.55.0 Cosign v2.4.1 Sigstore v1.8.9 Rekor v1.3.6 Tekton Pipeline v0.63.0 Kubernetes Client v0.31.0 ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-show-config': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-de36026b2ef7d2a482f9c09fe689cb4f-pod', container 'step-assert': ----- START -----2026/04/19 14:00:51 Skipping step because a previous step failed ----- END ----- Make sure TaskRun verify-enterprise-contract of PipelineRun verify-enterprise-contract-run-szk9w succeeded [FAILED] Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:190 @ 04/19/26 14:00:52.107 < Exit [It] succeeds when policy is met - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:177 @ 04/19/26 14:00:52.108 (5m54.251s) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 14:00:52.108 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:29 @ 04/19/26 14:00:52.46 (352ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:197 @ 04/19/26 14:00:52.46 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:225 @ 04/19/26 14:00:52.46 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:251 @ 04/19/26 14:00:52.461 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:279 @ 04/19/26 14:00:52.461 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:301 @ 04/19/26 14:00:52.461 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:345 @ 04/19/26 14:00:52.461 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:382 @ 04/19/26 14:00:52.461 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/enterprise-contract/contract.go:422 @ 04/19/26 14:00:52.462 > Enter [BeforeAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:32 @ 04/19/26 13:50:24.469 < Exit [BeforeAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:32 @ 04/19/26 13:50:49.298 (24.829s) > Enter [It] verifies that the ReleasePlan CR is unmatched in the beginning - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:57 @ 04/19/26 13:50:49.298 < Exit [It] verifies that the ReleasePlan CR is unmatched in the beginning - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:57 @ 04/19/26 13:50:53.026 (3.728s) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:53.027 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:53.027 (0s) > Enter [It] Creates ReleasePlanAdmission CR in corresponding managed namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:72 @ 04/19/26 13:50:53.027 < Exit [It] Creates ReleasePlanAdmission CR in corresponding managed namespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:72 @ 04/19/26 13:50:53.057 (30ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:53.058 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:53.058 (0s) > Enter [It] verifies that the ReleasePlan CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:85 @ 04/19/26 13:50:53.058 < Exit [It] verifies that the ReleasePlan CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:85 @ 04/19/26 13:50:55.511 (2.453s) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.511 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.511 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:105 @ 04/19/26 13:50:55.512 < Exit [It] verifies that the ReleasePlanAdmission CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:105 @ 04/19/26 13:50:55.518 (5ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.518 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.518 (0s) > Enter [It] Creates a manual release ReleasePlan CR in devNamespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:123 @ 04/19/26 13:50:55.518 < Exit [It] Creates a manual release ReleasePlan CR in devNamespace - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:123 @ 04/19/26 13:50:55.548 (29ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.548 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:55.548 (0s) > Enter [It] verifies that the second ReleasePlan CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:129 @ 04/19/26 13:50:55.548 < Exit [It] verifies that the second ReleasePlan CR is set to matched - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:129 @ 04/19/26 13:50:56.29 (742ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:56.291 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:56.291 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR has two matched ReleasePlan CRs - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:150 @ 04/19/26 13:50:56.292 < Exit [It] verifies that the ReleasePlanAdmission CR has two matched ReleasePlan CRs - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:150 @ 04/19/26 13:50:57.128 (837ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:57.129 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:57.129 (0s) > Enter [It] deletes one ReleasePlan CR - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:171 @ 04/19/26 13:50:57.129 < Exit [It] deletes one ReleasePlan CR - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:171 @ 04/19/26 13:50:57.166 (37ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:57.167 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:57.167 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR has only one matching ReleasePlan - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:177 @ 04/19/26 13:50:57.168 < Exit [It] verifies that the ReleasePlanAdmission CR has only one matching ReleasePlan - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:177 @ 04/19/26 13:50:58.415 (1.248s) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:58.416 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:58.416 (0s) > Enter [It] deletes the ReleasePlanAdmission CR - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:198 @ 04/19/26 13:50:58.417 < Exit [It] deletes the ReleasePlanAdmission CR - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:198 @ 04/19/26 13:50:58.428 (11ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:58.428 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:58.428 (0s) > Enter [It] verifies that the ReleasePlan CR has no matched ReleasePlanAdmission - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:204 @ 04/19/26 13:50:58.429 < Exit [It] verifies that the ReleasePlan CR has no matched ReleasePlanAdmission - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:204 @ 04/19/26 13:50:59.303 (874ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:59.303 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/19/26 13:50:59.303 (0s) > Enter [AfterAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:48 @ 04/19/26 13:50:59.304 < Exit [AfterAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.Z3cR7n2baf/tests/release/service/release_plan_and_admission_matched.go:48 @ 04/19/26 13:51:23.69 (24.387s) > Enter [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:45 @ 04/19/26 13:51:23.691 Image repository for component test-component-pac-snkqdo in namespace stat-rep-oqur do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-component-pac-snkqdo in namespace stat-rep-oqur do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Build PipelineRun has not been created yet for the component stat-rep-oqur/test-component-pac-snkqdo Build PipelineRun has not been created yet for the component stat-rep-oqur/test-component-pac-snkqdo < Exit [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:45 @ 04/19/26 13:52:35.894 (1m12.203s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:109 @ 04/19/26 13:52:35.895 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:109 @ 04/19/26 13:52:35.895 (0s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:35.895 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:35.895 (0s) > Enter [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:113 @ 04/19/26 13:52:35.895 < Exit [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:113 @ 04/19/26 13:52:36.08 (185ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:36.08 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:36.08 (0s) > Enter [It] initialized integration test status is reported to github - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:132 @ 04/19/26 13:52:36.081 < Exit [It] initialized integration test status is reported to github - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:132 @ 04/19/26 13:52:36.249 (168ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:36.25 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:52:36.25 (0s) > Enter [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:142 @ 04/19/26 13:52:36.25 PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: ResolvingTaskRef PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Running PipelineRun test-component-pac-snkqdo-on-pull-request-wkkzg reason: Completed < Exit [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:142 @ 04/19/26 13:59:56.262 (7m20.012s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.263 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.263 (0s) > Enter [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:149 @ 04/19/26 13:59:56.263 < Exit [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:149 @ 04/19/26 13:59:56.37 (107ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.37 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.37 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:153 @ 04/19/26 13:59:56.371 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:153 @ 04/19/26 13:59:56.376 (6ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.376 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.376 (0s) > Enter [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:158 @ 04/19/26 13:59:56.377 < Exit [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:158 @ 04/19/26 13:59:56.392 (16ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.393 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.393 (0s) > Enter [It] should find both the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:164 @ 04/19/26 13:59:56.393 < Exit [It] should find both the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:164 @ 04/19/26 13:59:56.41 (16ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.41 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 13:59:56.41 (0s) > Enter [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:183 @ 04/19/26 13:59:56.41 PipelineRun my-integration-test-qcrf-wrj5z reason: ResolvingTaskRef PipelineRun my-integration-test-qcrf-wrj5z reason: Succeeded PipelineRun my-integration-test-vkxk-cwdnn reason: Succeeded PipelineRun my-integration-test-catd-bqqkl reason: Succeeded < Exit [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:183 @ 04/19/26 14:00:16.521 (20.111s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:16.521 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:16.521 (0s) > Enter [It] should lead to Snapshot CR being marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:191 @ 04/19/26 14:00:16.522 < Exit [It] should lead to Snapshot CR being marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:191 @ 04/19/26 14:00:16.634 (112ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:16.634 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:16.634 (0s) > Enter [It] eventually leads to the status reported at Checks tab for the successful Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:205 @ 04/19/26 14:00:16.634 < Exit [It] eventually leads to the status reported at Checks tab for the successful Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:205 @ 04/19/26 14:00:17.056 (422ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.056 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.056 (0s) > Enter [It] eventually leads to the status reported at Checks tab for the failed Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:209 @ 04/19/26 14:00:17.057 < Exit [It] eventually leads to the status reported at Checks tab for the failed Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:209 @ 04/19/26 14:00:17.474 (417ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.474 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.474 (0s) > Enter [It] eventually leads to the status reported at Checks tab for the optional Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:213 @ 04/19/26 14:00:17.475 < Exit [It] eventually leads to the status reported at Checks tab for the optional Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:213 @ 04/19/26 14:00:17.838 (363ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.838 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.838 (0s) > Enter [It] checks if the optional Integration Test Scenario status is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:217 @ 04/19/26 14:00:17.839 < Exit [It] checks if the optional Integration Test Scenario status is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:217 @ 04/19/26 14:00:17.845 (6ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.845 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.845 (0s) > Enter [It] checks if the finalizer was removed from the optional Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:232 @ 04/19/26 14:00:17.846 < Exit [It] checks if the finalizer was removed from the optional Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:232 @ 04/19/26 14:00:17.852 (6ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.852 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:17.852 (0s) > Enter [It] merging the PR, expected to succeed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:236 @ 04/19/26 14:00:17.852 merged result sha: a00c803568d35c53ff49cb9de9a10800e44b4ce5 for PR #9380 < Exit [It] merging the PR, expected to succeed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:236 @ 04/19/26 14:00:19.303 (1.451s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:19.303 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:19.303 (0s) > Enter [It] leads to triggering a push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:245 @ 04/19/26 14:00:19.304 Push PipelineRun has not been created yet for the component stat-rep-oqur/test-component-pac-snkqdo < Exit [It] leads to triggering a push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:245 @ 04/19/26 14:00:39.331 (20.027s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.331 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.331 (0s) > Enter [It] verifies that Push PipelineRuns completed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:260 @ 04/19/26 14:00:39.331 PipelineRun my-integration-test-qcrf-wrj5z reason: Succeeded PipelineRun my-integration-test-vkxk-cwdnn reason: Succeeded < Exit [It] verifies that Push PipelineRuns completed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:260 @ 04/19/26 14:00:39.344 (13ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.344 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.344 (0s) > Enter [It] validates the Integration test scenario PipelineRun is reported to merge request CheckRuns, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:265 @ 04/19/26 14:00:39.345 < Exit [It] validates the Integration test scenario PipelineRun is reported to merge request CheckRuns, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:265 @ 04/19/26 14:00:39.684 (339ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.684 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:39.684 (0s) > Enter [It] eventually leads to the status reported at Checks tab for the failed Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:270 @ 04/19/26 14:00:39.685 < Exit [It] eventually leads to the status reported at Checks tab for the failed Integration PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:270 @ 04/19/26 14:00:40.048 (363ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:40.049 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:00:40.049 (0s) > Enter [It] should set the git-reporting-failure annotation correctly - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:276 @ 04/19/26 14:00:40.049 gitReportingFailureAnnotation does not exist. Annotations: map[build.appstudio.openshift.io/repo:https://github.com/redhat-appstudio-qe/konflux-test-integration-status-report?rev=4a5f3ee2165226671b27ea295c6b2b64cdefd1d1 build.appstudio.redhat.com/commit_sha:4a5f3ee2165226671b27ea295c6b2b64cdefd1d1 build.appstudio.redhat.com/pull_request_number:9380 build.appstudio.redhat.com/target_branch:base-ygzqvx pac.test.appstudio.openshift.io/branch:base-ygzqvx pac.test.appstudio.openshift.io/cancel-in-progress:true pac.test.appstudio.openshift.io/check-run-id:72017396987 pac.test.appstudio.openshift.io/controller-info:{"name":"default","configmap":"pipelines-as-code","secret":"pipelines-as-code-secret", "gRepo": "pipelines-as-code"} pac.test.appstudio.openshift.io/event-type:pull_request pac.test.appstudio.openshift.io/git-auth-secret:pac-gitauth-ippcti pac.test.appstudio.openshift.io/git-provider:not-supported-provider pac.test.appstudio.openshift.io/installation-id:40773614 pac.test.appstudio.openshift.io/log-url:https://console-openshift-console.apps.rosa.kx-05371b0f71.qwxl.p3.openshiftapps.com/k8s/ns/stat-rep-oqur/tekton.dev~v1~PipelineRun/test-component-pac-snkqdo-on-pull-request-wkkzg pac.test.appstudio.openshift.io/max-keep-runs:3 pac.test.appstudio.openshift.io/on-cel-expression:event == "pull_request" && target_branch == "base-ygzqvx" pac.test.appstudio.openshift.io/original-prname:test-component-pac-snkqdo-on-pull-request pac.test.appstudio.openshift.io/pull-request:9380 pac.test.appstudio.openshift.io/repo-url:https://github.com/redhat-appstudio-qe/konflux-test-integration-status-report pac.test.appstudio.openshift.io/repository:test-component-pac-snkqdo pac.test.appstudio.openshift.io/scm-reporting-plr-started:true pac.test.appstudio.openshift.io/sender:rhtap-qe-app[bot] pac.test.appstudio.openshift.io/sha:4a5f3ee2165226671b27ea295c6b2b64cdefd1d1 pac.test.appstudio.openshift.io/sha-title:RHTAP-Qe-App update test-component-pac-snkqdo pac.test.appstudio.openshift.io/sha-url:https://github.com/redhat-appstudio-qe/konflux-test-integration-status-report/commit/4a5f3ee2165226671b27ea295c6b2b64cdefd1d1 pac.test.appstudio.openshift.io/source-branch:konflux-test-component-pac-snkqdo pac.test.appstudio.openshift.io/source-repo-url:https://github.com/redhat-appstudio-qe/konflux-test-integration-status-report pac.test.appstudio.openshift.io/state:completed pac.test.appstudio.openshift.io/url-org:redhat-appstudio-qe pac.test.appstudio.openshift.io/url-repository:konflux-test-integration-status-report test.appstudio.openshift.io/create-groupsnapshot-status:The number 0 of component snapshots belonging to this pr group hash e05ce28830e89659e1d7ad3aee38c33ec4deadd22bbd2212c2c770c238e3df is less than 2, skipping group snapshot creation test.appstudio.openshift.io/git-reporter-status:{"scenarios":{"my-integration-test-catd-integ-app-xnor-20260419-135231-000":{"lastUpdateTime":"2026-04-19T14:00:06.901316239Z"},"my-integration-test-qcrf-integ-app-xnor-20260419-135231-000":{"lastUpdateTime":"2026-04-19T14:00:05.150649045Z"},"my-integration-test-vkxk-integ-app-xnor-20260419-135231-000":{"lastUpdateTime":"2026-04-19T14:00:05.358783274Z"}}} test.appstudio.openshift.io/integration-workflow:pull-request test.appstudio.openshift.io/pipelinerunstarttime:1776606751000 test.appstudio.openshift.io/pr-group:konflux-test-component-pac-snkqdo test.appstudio.openshift.io/pr-status:merged test.appstudio.openshift.io/snapshot-creation-report:SnapshotCreationFailed test.appstudio.openshift.io/source-repo-url:https://github.com/redhat-appstudio-qe/konflux-test-integration-status-report test.appstudio.openshift.io/status:[{"completionTime":"2026-04-19T14:00:05.150649045Z","details":"Integration test passed","lastUpdateTime":"2026-04-19T14:00:40Z","scenario":"my-integration-test-qcrf","startTime":"2026-04-19T13:59:54.842396102Z","status":"TestPassed","testPipelineRunName":"my-integration-test-qcrf-wrj5z"},{"completionTime":"2026-04-19T14:00:05.358783274Z","details":"Integration test failed","lastUpdateTime":"2026-04-19T14:00:05.358783274Z","scenario":"my-integration-test-vkxk","startTime":"2026-04-19T13:59:54.895122582Z","status":"TestFail","testPipelineRunName":"my-integration-test-vkxk-cwdnn"},{"completionTime":"2026-04-19T14:00:06.901316239Z","details":"Integration test failed","isOptionalScenario":true,"lastUpdateTime":"2026-04-19T14:00:06.901316239Z","scenario":"my-integration-test-catd","startTime":"2026-04-19T13:59:54.987333842Z","status":"TestFail","testPipelineRunName":"my-integration-test-catd-bqqkl"}]] < Exit [It] should set the git-reporting-failure annotation correctly - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:276 @ 04/19/26 14:01:00.171 (20.122s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:00.172 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:00.172 (0s) > Enter [It] build pipelinerun is created but fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:323 @ 04/19/26 14:01:00.172 Waiting for pipeline "failing-build-plr-xusp" to finish < Exit [It] build pipelinerun is created but fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:323 @ 04/19/26 14:01:08.264 (8.092s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:08.264 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:08.264 (0s) > Enter [It] build pipelinerun failure is reported to integration test checkRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:368 @ 04/19/26 14:01:08.264 failed to check expected checkRun text, actual text is %!s(<nil>): %!(EXTRA string=build pipelinerun stat-rep-oqur/failing-build-plr-xusp is still in progress) < Exit [It] build pipelinerun failure is reported to integration test checkRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:368 @ 04/19/26 14:01:28.736 (20.472s) > Enter [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:92 @ 04/19/26 14:01:28.736 < Exit [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:92 @ 04/19/26 14:01:32.557 (3.821s) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:32.557 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/19/26 14:01:32.557 (0s) > Enter [BeforeAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:45 @ 04/19/26 13:50:24.069 < Exit [BeforeAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:45 @ 04/19/26 13:50:36.126 (12.057s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:109 @ 04/19/26 13:50:36.126 Image repository for component test-comp-pac-gitlab-axhyxp in namespace gitlab-rep-ehhc do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-pac-gitlab-axhyxp in namespace gitlab-rep-ehhc do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-pac-gitlab-axhyxp in namespace gitlab-rep-ehhc do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-pac-gitlab-axhyxp in namespace gitlab-rep-ehhc do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:109 @ 04/19/26 13:51:26.407 (50.281s) > Enter [It] triggers a Build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:130 @ 04/19/26 13:51:26.407 Build PipelineRun has not been created yet for the component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp Build PipelineRun has not been created yet for the component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp < Exit [It] triggers a Build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:130 @ 04/19/26 13:52:06.444 (40.037s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 13:52:06.444 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 13:52:06.444 (0s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:144 @ 04/19/26 13:52:06.445 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:144 @ 04/19/26 13:52:06.445 (0s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 13:52:06.445 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 13:52:06.445 (0s) > Enter [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:148 @ 04/19/26 13:52:06.446 PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm found for Component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: PipelineRunStopping PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm reason: Failed attempt 1/3: PipelineRun "test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm" failed: pod: test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm-init-pod | init container: prepare 2026/04/19 13:51:59 Entrypoint initialization pod: test-comp-pac-gitlab-axhyxp-on-pull-request-8d7zm-init-pod | container step-init: time="2026-04-19T13:52:00Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:00Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:00Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:00Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:00Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:00Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:00Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:00Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:00Z" level=info msg="[result] NO PROXY: " pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | init container: prepare 2026/04/19 13:57:43 Entrypoint initialization pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | init container: place-scripts 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-0-tkj8k 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-1-pmpg4 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-2-glwj6 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-3-rmklf pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa. pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mmatchers created�[0m �[36mcomponent=�[0mlibvuln/New �[36mmatchers=�[0m[{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"}] �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mlibvuln initialized�[0m �[36mcomponent=�[0mlibvuln/New �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mregistered configured scanners�[0m �[36mcomponent=�[0mlibindex/New �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mNewLayerScanner: constructing a new layer-scanner�[0m �[36mcomponent=�[0mindexer.NewLayerScanner �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mindex request start�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mstarting scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mmanifest to be scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mCheckManifest �[90m2026-04-19T13:59:33Z�[0m �[32mINF�[0m �[1mlayers fetch start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:35Z�[0m �[32mINF�[0m �[1mlayers fetch success�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:35Z�[0m �[32mINF�[0m �[1mlayers fetch done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:35Z�[0m �[32mINF�[0m �[1mlayers scan start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mScanLayers �[90m2026-04-19T13:59:35Z�[0m �[32mINF�[0m �[1mfound buildinfo Dockerfile�[0m �[36mcomponent=�[0mrhel/rhcc/scanner.Scan �[36mkind=�[0mpackage �[36mlayer=�[0msha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2 �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mpath=�[0mroot/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406 �[36mscanner=�[0mrhel_containerscanner �[36mstate=�[0mScanLayers �[90m2026-04-19T13:59:35Z�[0m �[32mINF�[0m �[1mskipping jar�[0m �[36mcomponent=�[0mjava/Scanner.Scan �[36mfile=�[0musr/lib/jvm/java-17-openjdk-17.0.18.0.8-1.el8.x86_64/lib/jrt-fs.jar �[36mkind=�[0mpackage �[36mlayer=�[0msha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2 �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mreason=�[0m"jar: unidentified jar: jrt-fs.jar" �[36mscanner=�[0mjava �[36mstate=�[0mScanLayers �[36mversion=�[0m6 �[90m2026-04-19T13:59:36Z�[0m �[32mINF�[0m �[1mlayers scan done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mScanLayers �[90m2026-04-19T13:59:36Z�[0m �[32mINF�[0m �[1mstarting index manifest�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mIndexManifest �[90m2026-04-19T13:59:36Z�[0m �[32mINF�[0m �[1mfinishing scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:59:36Z�[0m �[32mINF�[0m �[1mmanifest successfully scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:59:36Z�[0m �[32mINF�[0m �[1mindex request done�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa { "manifest_hash": "sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa", "packages": { "+XM+s3niWaEk1U5jnR5DpA==": { "id": "+XM+s3niWaEk1U5jnR5DpA==", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+Xr7HyTxXf0c8jLaUyo3xA==": { "id": "+Xr7HyTxXf0c8jLaUyo3xA==", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+hvIC0Et/RtHi7EAFCmfEw==": { "id": "+hvIC0Et/RtHi7EAFCmfEw==", "name": "file-libs", "version": "5.33-27.el8_10", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.33-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+qrxjVH7Im8eBfrz4h4P/w==": { "id": "+qrxjVH7Im8eBfrz4h4P/w==", "name": "shadow-utils", "version": "2:4.6-23.el8_10", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.6-23.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/ji9IJ9FfNcwqVRbMWZshQ==": { "id": "/ji9IJ9FfNcwqVRbMWZshQ==", "name": "nss-softokn-freebl", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0+9x6aIRcNDCM7R94cpzew==": { "id": "0+9x6aIRcNDCM7R94cpzew==", "name": "java-17-openjdk-headless", "version": "1:17.0.18.0.8-1.el8", "kind": "binary", "source": { "id": "", "name": "java-17-openjdk", "version": "17.0.18.0.8-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1gormAsAjMuks2JveQRd0Q==": { "id": "1gormAsAjMuks2JveQRd0Q==", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "22yBCZl99yVP86UHT7jTdw==": { "id": "22yBCZl99yVP86UHT7jTdw==", "name": "tzdata", "version": "2026a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "2PBlaOceApWEi634ZUHO/g==": { "id": "2PBlaOceApWEi634ZUHO/g==", "name": "platform-python", "version": "3.6.8-75.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-75.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3+d+oaGDGj9g2+1RFZjY5A==": { "id": "3+d+oaGDGj9g2+1RFZjY5A==", "name": "gmp", "version": "1:6.1.2-11.el8", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.1.2-11.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3OVNevSm98h4f1fmX4IZwQ==": { "id": "3OVNevSm98h4f1fmX4IZwQ==", "name": "org.example:simple-java-project", "version": "1.0-SNAPSHOT", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "3jI2apoRMNGhHa141Q5dlQ==": { "id": "3jI2apoRMNGhHa141Q5dlQ==", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3uSX4NgBxQvC8LEk48QoOQ==": { "id": "3uSX4NgBxQvC8LEk48QoOQ==", "name": "cyrus-sasl-lib", "version": "2.1.27-6.el8_5", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-6.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "45rvgYmy022Tx6fVWfking==": { "id": "45rvgYmy022Tx6fVWfking==", "name": "publicsuffix-list-dafsa", "version": "20180723-1.el8", "kind": "binary", "source": { "id": "", "name": "publicsuffix-list", "version": "20180723-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "47OMpR7yEmE4lttsyWq3fw==": { "id": "47OMpR7yEmE4lttsyWq3fw==", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4ZgMXaHDWnwPnqKlcJzEIw==": { "id": "4ZgMXaHDWnwPnqKlcJzEIw==", "name": "krb5-libs", "version": "1.18.2-32.el8_10", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.2-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4flTdmUV4iK1Ax+LXJm8qQ==": { "id": "4flTdmUV4iK1Ax+LXJm8qQ==", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4sG4bBloak5Sz907ZDRs6Q==": { "id": "4sG4bBloak5Sz907ZDRs6Q==", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "binary", "source": { "id": "", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4uQuJg+li+gGAwnGRDcs+w==": { "id": "4uQuJg+li+gGAwnGRDcs+w==", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5U8sNbKx0xZsaHcVt4MmxA==": { "id": "5U8sNbKx0xZsaHcVt4MmxA==", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "67DLnC895xbDFuD3MGhCtQ==": { "id": "67DLnC895xbDFuD3MGhCtQ==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk8", "version": "1.2.4", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "6KnijwRsfeerWmf5Zl8NWw==": { "id": "6KnijwRsfeerWmf5Zl8NWw==", "name": "sed", "version": "4.5-5.el8", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.5-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7eg89eCgA75bJ7WhhN/T4Q==": { "id": "7eg89eCgA75bJ7WhhN/T4Q==", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9uhqFNTCJ7/bpzSlc7qCaQ==": { "id": "9uhqFNTCJ7/bpzSlc7qCaQ==", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AIs6pmCup5N9+6Ag6e2/og==": { "id": "AIs6pmCup5N9+6Ag6e2/og==", "name": "openssl-libs", "version": "1:1.1.1k-15.el8_6", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1k-15.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AuC6XQzcU/5tB4luIfjLFg==": { "id": "AuC6XQzcU/5tB4luIfjLFg==", "name": "elfutils-libelf", "version": "0.190-2.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.190-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AziZ1oGI+oDXVPzldKNj+w==": { "id": "AziZ1oGI+oDXVPzldKNj+w==", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BPsD0kkdIoK3KQUZ5DpJjw==": { "id": "BPsD0kkdIoK3KQUZ5DpJjw==", "name": "dbus-libs", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BmK1zIjr5KsuOODCYwxRCw==": { "id": "BmK1zIjr5KsuOODCYwxRCw==", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "binary", "source": { "id": "", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CbqHQON08ZsUvPS9XDaTFA==": { "id": "CbqHQON08ZsUvPS9XDaTFA==", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Cklbj7Y2kf3vqxqc0m1GHQ==": { "id": "Cklbj7Y2kf3vqxqc0m1GHQ==", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "D/ASdBsgxLNlG5Q8U7UPsQ==": { "id": "D/ASdBsgxLNlG5Q8U7UPsQ==", "name": "rootfiles", "version": "8.1-22.el8", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "D9iJYSwBt2n6JCuuNo2fKg==": { "id": "D9iJYSwBt2n6JCuuNo2fKg==", "name": "audit-libs", "version": "3.1.2-1.el8_10.1", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.2-1.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DV119Dw0W4RdsbJkdoHU9w==": { "id": "DV119Dw0W4RdsbJkdoHU9w==", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DgyhtZBcSIlVmY6xC8s1mA==": { "id": "DgyhtZBcSIlVmY6xC8s1mA==", "name": "coreutils-single", "version": "8.30-17.el8_10", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.30-17.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EGfzPeF6a5hj9x4BwoN25A==": { "id": "EGfzPeF6a5hj9x4BwoN25A==", "name": "libcap", "version": "2.48-6.el8_9", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-6.el8_9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EiNiLT8ulizCzEWcybhizQ==": { "id": "EiNiLT8ulizCzEWcybhizQ==", "name": "lz4-libs", "version": "1.8.3-5.el8_10", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.8.3-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "F7AOP7tK5AfUXV1g9iTzFA==": { "id": "F7AOP7tK5AfUXV1g9iTzFA==", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FS5/DAbDsXWURU9onlACPA==": { "id": "FS5/DAbDsXWURU9onlACPA==", "name": "alsa-lib", "version": "1.2.10-2.el8", "kind": "binary", "source": { "id": "", "name": "alsa-lib", "version": "1.2.10-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G+gX+j4AbiCorxKiF1UojA==": { "id": "G+gX+j4AbiCorxKiF1UojA==", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GLKhGblbPbPbtDKwfpCv5A==": { "id": "GLKhGblbPbPbtDKwfpCv5A==", "name": "filesystem", "version": "3.8-6.el8", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.8-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Gg1Q6hponuT1eSJHwaJ83w==": { "id": "Gg1Q6hponuT1eSJHwaJ83w==", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HMIoZ/TKrKhxI1rD26qmpw==": { "id": "HMIoZ/TKrKhxI1rD26qmpw==", "name": "json-c", "version": "0.13.1-3.el8", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.13.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IzLcxZDtcvtJR5Gwdq9HDg==": { "id": "IzLcxZDtcvtJR5Gwdq9HDg==", "name": "libattr", "version": "2.4.48-3.el8", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.4.48-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "J34PJ2GThOWZuKVgFIoieA==": { "id": "J34PJ2GThOWZuKVgFIoieA==", "name": "zlib", "version": "1.2.11-25.el8", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-25.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JNDNKhJbFTSevs7EALfE9A==": { "id": "JNDNKhJbFTSevs7EALfE9A==", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JvPeDbC4IianXNphFOy9jw==": { "id": "JvPeDbC4IianXNphFOy9jw==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.23-4.1776047406", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "LXiVkIlXLq/usMYIwCTH8Q==": { "id": "LXiVkIlXLq/usMYIwCTH8Q==", "name": "libsmartcols", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "LkoLKEri5dIAb0vFMkSOag==": { "id": "LkoLKEri5dIAb0vFMkSOag==", "name": "glibc-common", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N1RbIRo2SyHosQefv+skDw==": { "id": "N1RbIRo2SyHosQefv+skDw==", "name": "gawk", "version": "4.2.1-4.el8", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "4.2.1-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N3ZaMrNJKoumMpaY0smlMQ==": { "id": "N3ZaMrNJKoumMpaY0smlMQ==", "name": "sqlite-libs", "version": "3.26.0-20.el8_10", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.26.0-20.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N5EuVcX6TPHBo7OPtax5uA==": { "id": "N5EuVcX6TPHBo7OPtax5uA==", "name": "crypto-policies-scripts", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NJbhst8VIOwst++ZzRP6tA==": { "id": "NJbhst8VIOwst++ZzRP6tA==", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NguWV8S6YQYvQsGQDJm2Rg==": { "id": "NguWV8S6YQYvQsGQDJm2Rg==", "name": "ncurses-base", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NsvPyDc//39XTuXcn3j2uQ==": { "id": "NsvPyDc//39XTuXcn3j2uQ==", "name": "gdbm", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ORsDK2A5479NPB0r01PoXQ==": { "id": "ORsDK2A5479NPB0r01PoXQ==", "name": "libcurl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Se4zJpr8ZUwZNUojfuzA==": { "id": "P5Se4zJpr8ZUwZNUojfuzA==", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "POPH5BJ/Q4Bfen05TT291g==": { "id": "POPH5BJ/Q4Bfen05TT291g==", "name": "nss-util", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Q0uPb/t/3IQ8GEwlv/J3Cw==": { "id": "Q0uPb/t/3IQ8GEwlv/J3Cw==", "name": "libmount", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QC6e3OaV78mjs678tGU2KQ==": { "id": "QC6e3OaV78mjs678tGU2KQ==", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QXEDMSZisv5SUXtJo7Fs5g==": { "id": "QXEDMSZisv5SUXtJo7Fs5g==", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RKXYZTbYgViwzC05uqeDSg==": { "id": "RKXYZTbYgViwzC05uqeDSg==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk17", "version": "0.1.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "RRWuvyUdhwGbBo2a/Ra1hw==": { "id": "RRWuvyUdhwGbBo2a/Ra1hw==", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RtrzwDgrQgu9S5B72s2sww==": { "id": "RtrzwDgrQgu9S5B72s2sww==", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TARQvmsLVC/S1fQD1jO4Xw==": { "id": "TARQvmsLVC/S1fQD1jO4Xw==", "name": "gdbm-libs", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "U3ZkYu9FoEzQITrVBlQtLA==": { "id": "U3ZkYu9FoEzQITrVBlQtLA==", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "USWNn71p+k059dbiu5HDEA==": { "id": "USWNn71p+k059dbiu5HDEA==", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "UUZyda9G/ffvF6rJ5W1UnQ==": { "id": "UUZyda9G/ffvF6rJ5W1UnQ==", "name": "libstdc++", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Vax934M9zGbzjdT3Y/XU9w==": { "id": "Vax934M9zGbzjdT3Y/XU9w==", "name": "glibc-minimal-langpack", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VrCmPwuY69qW5jl9ctxOZg==": { "id": "VrCmPwuY69qW5jl9ctxOZg==", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "W66WOQ3v6r7mSn6+o7gaew==": { "id": "W66WOQ3v6r7mSn6+o7gaew==", "name": "popt", "version": "1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Wq1n4jzKBPdL9z5l5HD99w==": { "id": "Wq1n4jzKBPdL9z5l5HD99w==", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "YjDcGmvP0/z8VqRiUvkhOQ==": { "id": "YjDcGmvP0/z8VqRiUvkhOQ==", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Za0y7YiKRidyIBZNIzq/Ng==": { "id": "Za0y7YiKRidyIBZNIzq/Ng==", "name": "librepo", "version": "1.14.2-5.el8", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.2-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ar0do80Wlk1FaVvtx66g6Q==": { "id": "ar0do80Wlk1FaVvtx66g6Q==", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "binary", "source": { "id": "", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "auI8KtI6OozP7EAIr9UlQQ==": { "id": "auI8KtI6OozP7EAIr9UlQQ==", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bWUdPEYmtshwdmuX5VapfQ==": { "id": "bWUdPEYmtshwdmuX5VapfQ==", "name": "libblkid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bmxL3lydQy0yU8g1iBgovg==": { "id": "bmxL3lydQy0yU8g1iBgovg==", "name": "libsepol", "version": "2.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "2.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "cXCMP7NdkMDf1+Rb1IEktQ==": { "id": "cXCMP7NdkMDf1+Rb1IEktQ==", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOBT1Qffq44NOVuk9chDyg==": { "id": "dOBT1Qffq44NOVuk9chDyg==", "name": "readline", "version": "7.0-10.el8", "kind": "binary", "source": { "id": "", "name": "readline", "version": "7.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOwQwVL1NxmF6ouACZklrQ==": { "id": "dOwQwVL1NxmF6ouACZklrQ==", "name": "p11-kit-trust", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dSjxsaDISLUiFwRTCSO8Tg==": { "id": "dSjxsaDISLUiFwRTCSO8Tg==", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "dtGaxafuhIU1Ppty914fJw==": { "id": "dtGaxafuhIU1Ppty914fJw==", "name": "nspr", "version": "4.36.0-2.el8_10", "kind": "binary", "source": { "id": "", "name": "nspr", "version": "4.36.0-2.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eZ7CwFvwDCQu4vzKyuIZgA==": { "id": "eZ7CwFvwDCQu4vzKyuIZgA==", "name": "basesystem", "version": "11-5.el8", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f/Al/eNlUhjEgKSV0J2z7w==": { "id": "f/Al/eNlUhjEgKSV0J2z7w==", "name": "python3-pip-wheel", "version": "9.0.3-24.el8", "kind": "binary", "source": { "id": "", "name": "python-pip", "version": "9.0.3-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f1lteJj1IxLDbDb+BI8yjg==": { "id": "f1lteJj1IxLDbDb+BI8yjg==", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "g146nKetkX1f4hfH1b5RWA==": { "id": "g146nKetkX1f4hfH1b5RWA==", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gMqsUnRclTj6iuxHCslNRA==": { "id": "gMqsUnRclTj6iuxHCslNRA==", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gOaN4treTmKK7tU+N6AZ1w==": { "id": "gOaN4treTmKK7tU+N6AZ1w==", "name": "pcre", "version": "8.42-6.el8", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.42-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gtbMsmX05ZWh+bkM1Wprlw==": { "id": "gtbMsmX05ZWh+bkM1Wprlw==", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "binary", "source": { "id": "", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "h53SWWmMQUh4cLyBmYeNvw==": { "id": "h53SWWmMQUh4cLyBmYeNvw==", "name": "avahi-libs", "version": "0.7-27.el8_10.1", "kind": "binary", "source": { "id": "", "name": "avahi", "version": "0.7-27.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hSTTMcRX1DBcXc+8jKeg3Q==": { "id": "hSTTMcRX1DBcXc+8jKeg3Q==", "name": "libgcc", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hcJqCsCpWm+XI9JT6ImS5g==": { "id": "hcJqCsCpWm+XI9JT6ImS5g==", "name": "nettle", "version": "3.4.1-7.el8", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.4.1-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "isPl2YxnCTfcLmUYH6Q0sA==": { "id": "isPl2YxnCTfcLmUYH6Q0sA==", "name": "libuuid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "j5YRt82iOHry4ndSyCLgaA==": { "id": "j5YRt82iOHry4ndSyCLgaA==", "name": "cups-libs", "version": "1:2.2.6-67.el8_10", "kind": "binary", "source": { "id": "", "name": "cups", "version": "2.2.6-67.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jSeaYCeiTMhbTniYmwK8dQ==": { "id": "jSeaYCeiTMhbTniYmwK8dQ==", "name": "python3-libs", "version": "3.6.8-75.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-75.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jmNxyfDM4IV/F4mrfNTfyg==": { "id": "jmNxyfDM4IV/F4mrfNTfyg==", "name": "setup", "version": "2.12.2-9.el8", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.12.2-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "jtdCxL/eH5JTPcKstKunJg==": { "id": "jtdCxL/eH5JTPcKstKunJg==", "name": "grep", "version": "3.1-6.el8", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k/BpvWmZ5EVfmiPqpZ3pGw==": { "id": "k/BpvWmZ5EVfmiPqpZ3pGw==", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k4gCNgIfg7MM/e42ThRx2w==": { "id": "k4gCNgIfg7MM/e42ThRx2w==", "name": "libzstd", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ka4b0+TZOGmroTz/rrRQcg==": { "id": "ka4b0+TZOGmroTz/rrRQcg==", "name": "nss-softokn", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kwc9NYOQig+qWs5qmBRL/w==": { "id": "kwc9NYOQig+qWs5qmBRL/w==", "name": "ncurses-libs", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lEFbOzBTlWwCqC/ZbjJfgQ==": { "id": "lEFbOzBTlWwCqC/ZbjJfgQ==", "name": "python3-setuptools-wheel", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lU0MYRg2dg5wynl2dMGsgA==": { "id": "lU0MYRg2dg5wynl2dMGsgA==", "name": "xz-libs", "version": "5.2.4-4.el8_6", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.4-4.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mAmp7BtGrfzV0HnAKw9sTw==": { "id": "mAmp7BtGrfzV0HnAKw9sTw==", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mLwCNKs2wEtLWAiibtR4BQ==": { "id": "mLwCNKs2wEtLWAiibtR4BQ==", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mkpeQMTn6iNiF+ShBe+oZg==": { "id": "mkpeQMTn6iNiF+ShBe+oZg==", "name": "libverto", "version": "0.3.2-2.el8", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mtrWxjnWyzrIFOuHVeUG6g==": { "id": "mtrWxjnWyzrIFOuHVeUG6g==", "name": "tar", "version": "2:1.30-11.el8_10", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.30-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nDtLoMnkuhspYDn7NZEcjw==": { "id": "nDtLoMnkuhspYDn7NZEcjw==", "name": "findutils", "version": "1:4.6.0-24.el8_10", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.6.0-24.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "o4v1nyEgxKUJdf78CSzLEg==": { "id": "o4v1nyEgxKUJdf78CSzLEg==", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oPxhGBL0xk+N4XwwxvflAQ==": { "id": "oPxhGBL0xk+N4XwwxvflAQ==", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oSDtB9GflLljTYeOAikyIQ==": { "id": "oSDtB9GflLljTYeOAikyIQ==", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "p9tXHgTBVU/b3sTnwfubzg==": { "id": "p9tXHgTBVU/b3sTnwfubzg==", "name": "libdb-utils", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pY2NT/GP1UxyOuAl2rKgCw==": { "id": "pY2NT/GP1UxyOuAl2rKgCw==", "name": "npth", "version": "1.5-4.el8", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.5-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "peUaHHW4E9Y6Nd8+gJR5cQ==": { "id": "peUaHHW4E9Y6Nd8+gJR5cQ==", "name": "libssh-config", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "pp9zZ0tBoevZ/s15eFRL8g==": { "id": "pp9zZ0tBoevZ/s15eFRL8g==", "name": "libacl", "version": "2.2.53-3.el8", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "q4X/5GGPJSNoqWY61ewdVA==": { "id": "q4X/5GGPJSNoqWY61ewdVA==", "name": "tzdata-java", "version": "2026a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "r23nOnTJvuvXzj0P21ldlw==": { "id": "r23nOnTJvuvXzj0P21ldlw==", "name": "rpm-libs", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rFsA2fU/SFo3JGOkxRURTQ==": { "id": "rFsA2fU/SFo3JGOkxRURTQ==", "name": "keyutils-libs", "version": "1.5.10-9.el8", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.5.10-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sMrsZHOrW8FfprPHZo6Jww==": { "id": "sMrsZHOrW8FfprPHZo6Jww==", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sUhkiUesE2DHTU1IF7t+tw==": { "id": "sUhkiUesE2DHTU1IF7t+tw==", "name": "platform-python-setuptools", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "trIX86+UkjuJsaeYfHvnYw==": { "id": "trIX86+UkjuJsaeYfHvnYw==", "name": "libnghttp2", "version": "1.33.0-6.el8_10.2", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.33.0-6.el8_10.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u25cfo+Wn6RpzVY/kgcoGQ==": { "id": "u25cfo+Wn6RpzVY/kgcoGQ==", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "binary", "source": { "id": "", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "uAJuv5cA4XPhcDfjrdFI9w==": { "id": "uAJuv5cA4XPhcDfjrdFI9w==", "name": "javapackages-filesystem", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "binary", "source": { "id": "", "name": "javapackages-tools", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "source", "normalized_version": "", "module": "javapackages-runtime:201801", "cpe": "" }, "normalized_version": "", "module": "javapackages-runtime:201801", "arch": "noarch", "cpe": "" }, "uCw7c1p0VzVV36rFL2/j4Q==": { "id": "uCw7c1p0VzVV36rFL2/j4Q==", "name": "bzip2-libs", "version": "1.0.6-28.el8_10", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.6-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v/KoDsdxOHqLHd7du8yyWQ==": { "id": "v/KoDsdxOHqLHd7du8yyWQ==", "name": "lua-libs", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v4V8PzD9YS+9p+1g+BPsfA==": { "id": "v4V8PzD9YS+9p+1g+BPsfA==", "name": "ubi8/openjdk-17-runtime", "version": "1.23-4.1776047406", "kind": "binary", "source": { "id": "JvPeDbC4IianXNphFOy9jw==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.23-4.1776047406", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "wQToP4WURQ4/A8LQU1k5kA==": { "id": "wQToP4WURQ4/A8LQU1k5kA==", "name": "langpacks-en", "version": "1.0-12.el8", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "1.0-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wiX2z3C4urSDsP+bIajgNg==": { "id": "wiX2z3C4urSDsP+bIajgNg==", "name": "io.github.stuartwdouglas.hacbs-test.shaded:shaded-jdk11", "version": "1.9", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "wpJmhjYJz5TYuh0mbRPs4Q==": { "id": "wpJmhjYJz5TYuh0mbRPs4Q==", "name": "info", "version": "6.5-7.el8", "kind": "binary", "source": { "id": "", "name": "texinfo", "version": "6.5-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xDLbw0lNdZ2pSj9R8k9t6A==": { "id": "xDLbw0lNdZ2pSj9R8k9t6A==", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "binary", "source": { "id": "", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "xTF9l16G3x26txeCsO9Bug==": { "id": "xTF9l16G3x26txeCsO9Bug==", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xY/gcEds28iVWCynxOCw9g==": { "id": "xY/gcEds28iVWCynxOCw9g==", "name": "libcom_err", "version": "1.45.6-7.el8_10", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.45.6-7.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xvIYCTeML23osZxD1kFItQ==": { "id": "xvIYCTeML23osZxD1kFItQ==", "name": "lua", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "y1KXv1Wa0o6q+5/jJ4FmmA==": { "id": "y1KXv1Wa0o6q+5/jJ4FmmA==", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yI01txXPQZENPfjF45L+Zw==": { "id": "yI01txXPQZENPfjF45L+Zw==", "name": "nss-sysinit", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yX08xXm2MSxk7s6Ui2Z6BQ==": { "id": "yX08xXm2MSxk7s6Ui2Z6BQ==", "name": "systemd-libs", "version": "239-82.el8_10.15", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-82.el8_10.15", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zAReYdYoHUkp8wr8i3SW2g==": { "id": "zAReYdYoHUkp8wr8i3SW2g==", "name": "libffi", "version": "3.1-24.el8", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.1-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "a14107f4-03ad-4328-bafb-7308ece7b6dd": { "id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "8", "version_code_name": "", "version_id": "8", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 8" } }, "repository": { "5905d29d-21e0-425f-a8ee-2eac204d06aa": { "id": "5905d29d-21e0-425f-a8ee-2eac204d06aa", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "6a791925-d1d7-477a-99c5-c66cb7376b16": { "id": "6a791925-d1d7-477a-99c5-c66cb7376b16", "name": "Red Hat Container Catalog", "uri": "https://catalog.redhat.com/software/containers/explore", "cpe": "" }, "765b49cb-84ce-4f3e-a364-fadb53ba40dc": { "id": "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "c5ab0220-6726-427d-922f-84173d6186b3": { "id": "c5ab0220-6726-427d-922f-84173d6186b3", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "da5c3647-96f6-4c8d-b87b-57fb2b45ed32": { "id": "da5c3647-96f6-4c8d-b87b-57fb2b45ed32", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "ef06d13c-382d-4ffb-8d11-befc2ec3c83d": { "id": "ef06d13c-382d-4ffb-8d11-befc2ec3c83d", "name": "maven", "uri": "https://repo1.maven.apache.org/maven2", "cpe": "" } }, "environments": { "+XM+s3niWaEk1U5jnR5DpA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "+Xr7HyTxXf0c8jLaUyo3xA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "+hvIC0Et/RtHi7EAFCmfEw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "+qrxjVH7Im8eBfrz4h4P/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "/ji9IJ9FfNcwqVRbMWZshQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "0+9x6aIRcNDCM7R94cpzew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "1gormAsAjMuks2JveQRd0Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "22yBCZl99yVP86UHT7jTdw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "2PBlaOceApWEi634ZUHO/g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "3+d+oaGDGj9g2+1RFZjY5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "3OVNevSm98h4f1fmX4IZwQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:807257ccec3172d3ff00b01aec5eea4742716a67080bf366ef28bc0d071fe65e", "distribution_id": "", "repository_ids": [ "ef06d13c-382d-4ffb-8d11-befc2ec3c83d" ] } ], "3jI2apoRMNGhHa141Q5dlQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "3uSX4NgBxQvC8LEk48QoOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "45rvgYmy022Tx6fVWfking==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "47OMpR7yEmE4lttsyWq3fw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "4ZgMXaHDWnwPnqKlcJzEIw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "4sG4bBloak5Sz907ZDRs6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "4uQuJg+li+gGAwnGRDcs+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "5U8sNbKx0xZsaHcVt4MmxA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "67DLnC895xbDFuD3MGhCtQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:807257ccec3172d3ff00b01aec5eea4742716a67080bf366ef28bc0d071fe65e", "distribution_id": "", "repository_ids": [ "ef06d13c-382d-4ffb-8d11-befc2ec3c83d" ] } ], "6KnijwRsfeerWmf5Zl8NWw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "7eg89eCgA75bJ7WhhN/T4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "AIs6pmCup5N9+6Ag6e2/og==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "AuC6XQzcU/5tB4luIfjLFg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "AziZ1oGI+oDXVPzldKNj+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "BmK1zIjr5KsuOODCYwxRCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "CbqHQON08ZsUvPS9XDaTFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "Cklbj7Y2kf3vqxqc0m1GHQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "D/ASdBsgxLNlG5Q8U7UPsQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "D9iJYSwBt2n6JCuuNo2fKg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "DV119Dw0W4RdsbJkdoHU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "DgyhtZBcSIlVmY6xC8s1mA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "EGfzPeF6a5hj9x4BwoN25A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "EiNiLT8ulizCzEWcybhizQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "F7AOP7tK5AfUXV1g9iTzFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "FS5/DAbDsXWURU9onlACPA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "G+gX+j4AbiCorxKiF1UojA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "GLKhGblbPbPbtDKwfpCv5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "Gg1Q6hponuT1eSJHwaJ83w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "HMIoZ/TKrKhxI1rD26qmpw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "IzLcxZDtcvtJR5Gwdq9HDg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "J34PJ2GThOWZuKVgFIoieA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "JNDNKhJbFTSevs7EALfE9A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "JvPeDbC4IianXNphFOy9jw==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": [ "6a791925-d1d7-477a-99c5-c66cb7376b16", "6a791925-d1d7-477a-99c5-c66cb7376b16" ] } ], "LXiVkIlXLq/usMYIwCTH8Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "LkoLKEri5dIAb0vFMkSOag==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "N1RbIRo2SyHosQefv+skDw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "N3ZaMrNJKoumMpaY0smlMQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "N5EuVcX6TPHBo7OPtax5uA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "NJbhst8VIOwst++ZzRP6tA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "NguWV8S6YQYvQsGQDJm2Rg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "NsvPyDc//39XTuXcn3j2uQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "ORsDK2A5479NPB0r01PoXQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "P5Se4zJpr8ZUwZNUojfuzA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "POPH5BJ/Q4Bfen05TT291g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "Q0uPb/t/3IQ8GEwlv/J3Cw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "QC6e3OaV78mjs678tGU2KQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "QXEDMSZisv5SUXtJo7Fs5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "RKXYZTbYgViwzC05uqeDSg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:807257ccec3172d3ff00b01aec5eea4742716a67080bf366ef28bc0d071fe65e", "distribution_id": "", "repository_ids": [ "ef06d13c-382d-4ffb-8d11-befc2ec3c83d" ] } ], "RRWuvyUdhwGbBo2a/Ra1hw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "RtrzwDgrQgu9S5B72s2sww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "TARQvmsLVC/S1fQD1jO4Xw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "U3ZkYu9FoEzQITrVBlQtLA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "USWNn71p+k059dbiu5HDEA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "Vax934M9zGbzjdT3Y/XU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "VrCmPwuY69qW5jl9ctxOZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "W66WOQ3v6r7mSn6+o7gaew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "Wq1n4jzKBPdL9z5l5HD99w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "Za0y7YiKRidyIBZNIzq/Ng==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "ar0do80Wlk1FaVvtx66g6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "auI8KtI6OozP7EAIr9UlQQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "bWUdPEYmtshwdmuX5VapfQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "bmxL3lydQy0yU8g1iBgovg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "cXCMP7NdkMDf1+Rb1IEktQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "dOBT1Qffq44NOVuk9chDyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "dOwQwVL1NxmF6ouACZklrQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "dSjxsaDISLUiFwRTCSO8Tg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "dtGaxafuhIU1Ppty914fJw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "eZ7CwFvwDCQu4vzKyuIZgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "f/Al/eNlUhjEgKSV0J2z7w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "f1lteJj1IxLDbDb+BI8yjg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "g146nKetkX1f4hfH1b5RWA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "gMqsUnRclTj6iuxHCslNRA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "gOaN4treTmKK7tU+N6AZ1w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "gtbMsmX05ZWh+bkM1Wprlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "h53SWWmMQUh4cLyBmYeNvw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "hcJqCsCpWm+XI9JT6ImS5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "isPl2YxnCTfcLmUYH6Q0sA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "j5YRt82iOHry4ndSyCLgaA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "jSeaYCeiTMhbTniYmwK8dQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "jmNxyfDM4IV/F4mrfNTfyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "jtdCxL/eH5JTPcKstKunJg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "k4gCNgIfg7MM/e42ThRx2w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "ka4b0+TZOGmroTz/rrRQcg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "kwc9NYOQig+qWs5qmBRL/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "lEFbOzBTlWwCqC/ZbjJfgQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "lU0MYRg2dg5wynl2dMGsgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "mAmp7BtGrfzV0HnAKw9sTw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "mLwCNKs2wEtLWAiibtR4BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "mkpeQMTn6iNiF+ShBe+oZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "mtrWxjnWyzrIFOuHVeUG6g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "nDtLoMnkuhspYDn7NZEcjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "o4v1nyEgxKUJdf78CSzLEg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "oPxhGBL0xk+N4XwwxvflAQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "oSDtB9GflLljTYeOAikyIQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "p9tXHgTBVU/b3sTnwfubzg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "pY2NT/GP1UxyOuAl2rKgCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "pp9zZ0tBoevZ/s15eFRL8g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "q4X/5GGPJSNoqWY61ewdVA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "r23nOnTJvuvXzj0P21ldlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "rFsA2fU/SFo3JGOkxRURTQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "sMrsZHOrW8FfprPHZo6Jww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "sUhkiUesE2DHTU1IF7t+tw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "trIX86+UkjuJsaeYfHvnYw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "u25cfo+Wn6RpzVY/kgcoGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "uAJuv5cA4XPhcDfjrdFI9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "uCw7c1p0VzVV36rFL2/j4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "v/KoDsdxOHqLHd7du8yyWQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "v4V8PzD9YS+9p+1g+BPsfA==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": [ "6a791925-d1d7-477a-99c5-c66cb7376b16", "6a791925-d1d7-477a-99c5-c66cb7376b16" ] } ], "wQToP4WURQ4/A8LQU1k5kA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "wiX2z3C4urSDsP+bIajgNg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:807257ccec3172d3ff00b01aec5eea4742716a67080bf366ef28bc0d071fe65e", "distribution_id": "", "repository_ids": [ "ef06d13c-382d-4ffb-8d11-befc2ec3c83d" ] } ], "wpJmhjYJz5TYuh0mbRPs4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "xDLbw0lNdZ2pSj9R8k9t6A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "xTF9l16G3x26txeCsO9Bug==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "xY/gcEds28iVWCynxOCw9g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "xvIYCTeML23osZxD1kFItQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "yI01txXPQZENPfjF45L+Zw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "5905d29d-21e0-425f-a8ee-2eac204d06aa", "da5c3647-96f6-4c8d-b87b-57fb2b45ed32" ] } ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ], "zAReYdYoHUkp8wr8i3SW2g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "a14107f4-03ad-4328-bafb-7308ece7b6dd", "repository_ids": [ "765b49cb-84ce-4f3e-a364-fadb53ba40dc", "c5ab0220-6726-427d-922f-84173d6186b3" ] } ] }, "vulnerabilities": { "+nHq7dak7Hkjcru/xpwzhQ==": { "id": "+nHq7dak7Hkjcru/xpwzhQ==", "updater": "rhel-vex", "name": "CVE-2020-12413", "description": "A flaw was found in Mozilla nss. A raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman(DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The highest threat from this vulnerability is to data confidentiality.", "issued": "2020-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-12413 https://bugzilla.redhat.com/show_bug.cgi?id=1877557 https://www.cve.org/CVERecord?id=CVE-2020-12413 https://nvd.nist.gov/vuln/detail/CVE-2020-12413 https://raccoon-attack.com/RacoonAttack.pdf https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-12413.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/1CYFiexnJcM7p4YrI/FVg==": { "id": "/1CYFiexnJcM7p4YrI/FVg==", "updater": "rhel-vex", "name": "CVE-2023-4504", "description": "A vulnerability was found in CUPS and libppd, where a failure to validate the length provided in an attacker-crafted PPD PostScript document can lead to a heap-based buffer overflow, causing a denial of service or, in some cases, execute arbitrary code, depending on how the application processes untrusted PPD files.", "issued": "2023-09-20T12:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4504 https://bugzilla.redhat.com/show_bug.cgi?id=2238509 https://www.cve.org/CVERecord?id=CVE-2023-4504 https://nvd.nist.gov/vuln/detail/CVE-2023-4504 https://takeonme.org/cves/CVE-2023-4504.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4504.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/QaL/BUIdoF2MAB/C1YiGQ==": { "id": "/QaL/BUIdoF2MAB/C1YiGQ==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8534", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.3.3-7.el8_10", "arch_op": "pattern match" }, "0QzoXQSqkKieJ7Oc+px0JA==": { "id": "0QzoXQSqkKieJ7Oc+px0JA==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0WTD6ZUY2Zj2w0R3oyPWRw==": { "id": "0WTD6ZUY2Zj2w0R3oyPWRw==", "updater": "rhel-vex", "name": "CVE-2026-34980", "description": "A flaw was found in OpenPrinting CUPS. An unauthorized client can exploit this vulnerability by sending a specially crafted print job to a shared PostScript queue without authentication. The server improperly handles the `page-border` value, allowing an attacker to embed and reparse malicious text as a trusted scheduler control record. This can lead to arbitrary code execution with the privileges of the 'lp' user, potentially compromising the affected system.", "issued": "2026-04-03T21:18:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34980 https://bugzilla.redhat.com/show_bug.cgi?id=2454954 https://www.cve.org/CVERecord?id=CVE-2026-34980 https://nvd.nist.gov/vuln/detail/CVE-2026-34980 https://github.com/OpenPrinting/cups/security/advisories/GHSA-4852-v58g-6cwf https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34980.json", "severity": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0fCtWwB6iclgRvIA+IqiJQ==": { "id": "0fCtWwB6iclgRvIA+IqiJQ==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0nQ3GJDLY22M176Z5ESg6A==": { "id": "0nQ3GJDLY22M176Z5ESg6A==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1lUHOMB3ANHGWpqCBv9Ynw==": { "id": "1lUHOMB3ANHGWpqCBv9Ynw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1vG4ZYIu07BTj9XJ+a+P9Q==": { "id": "1vG4ZYIu07BTj9XJ+a+P9Q==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "29qrZyz+fmdn9Nzjpl2/Pg==": { "id": "29qrZyz+fmdn9Nzjpl2/Pg==", "updater": "rhel-vex", "name": "CVE-2026-22693", "description": "A null pointer dereference vector has been discovered in the harfbuzz package. A null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh:1672-1673. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault.", "issued": "2026-01-10T05:53:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22693 https://bugzilla.redhat.com/show_bug.cgi?id=2428439 https://www.cve.org/CVERecord?id=CVE-2026-22693 https://nvd.nist.gov/vuln/detail/CVE-2026-22693 https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22693.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2U8ppg+02PjFDuM5YqFstQ==": { "id": "2U8ppg+02PjFDuM5YqFstQ==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3IgZDz5UYkhu/U1/4kSWKg==": { "id": "3IgZDz5UYkhu/U1/4kSWKg==", "updater": "rhel-vex", "name": "CVE-2021-25317", "description": "It was found that some Linux vendors may assign the ownership of the /var/log/cups directory to the `lp` user. This could allow an attacker with such privileges to create empty files in arbitrary locations, or to force arbitrary files to be opened and closed, using a symlink attack. This has a low impact on the integrity of the system.", "issued": "2021-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-25317 https://bugzilla.redhat.com/show_bug.cgi?id=1949119 https://www.cve.org/CVERecord?id=CVE-2021-25317 https://nvd.nist.gov/vuln/detail/CVE-2021-25317 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-25317.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3O4IzHXnRQMZXCe1gYATvw==": { "id": "3O4IzHXnRQMZXCe1gYATvw==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "4/mftydHpy90Umw3G0mTuQ==": { "id": "4/mftydHpy90Umw3G0mTuQ==", "updater": "rhel-vex", "name": "CVE-2018-1000879", "description": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000879 https://bugzilla.redhat.com/show_bug.cgi?id=1663890 https://www.cve.org/CVERecord?id=CVE-2018-1000879 https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000879.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5B1tQ2BK8z/YjRkYcvwqag==": { "id": "5B1tQ2BK8z/YjRkYcvwqag==", "updater": "rhel-vex", "name": "CVE-2019-19244", "description": "A flaw was found in the way SQLite handled certain types of SQL queries using DISTINCT, OVER and ORDER BY clauses. A remote attacker could exploit this flaw by providing a malicious SQL query that, when processed by an application linked to SQLite, would crash the application causing a denial of service.", "issued": "2019-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-19244 https://bugzilla.redhat.com/show_bug.cgi?id=1777945 https://www.cve.org/CVERecord?id=CVE-2019-19244 https://nvd.nist.gov/vuln/detail/CVE-2019-19244 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-19244.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5ZHvcDYhgzWjwNpRgF2u1w==": { "id": "5ZHvcDYhgzWjwNpRgF2u1w==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "673FKazcUiydbfN5c6amaw==": { "id": "673FKazcUiydbfN5c6amaw==", "updater": "rhel-vex", "name": "CVE-2020-19190", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19190 https://bugzilla.redhat.com/show_bug.cgi?id=2234923 https://www.cve.org/CVERecord?id=CVE-2020-19190 https://nvd.nist.gov/vuln/detail/CVE-2020-19190 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19190.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6Cqvzp5JbuVfHsuYnIJNFw==": { "id": "6Cqvzp5JbuVfHsuYnIJNFw==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6FQUI3OxX4C5skWXKgq80Q==": { "id": "6FQUI3OxX4C5skWXKgq80Q==", "updater": "rhel-vex", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial of service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or calling the X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/show_bug.cgi?id=2181082 https://www.cve.org/CVERecord?id=CVE-2023-0464 https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://www.openssl.org/news/secadv/20230322.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0464.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6Xr5PbPGSy+aHLDQ9q4L9w==": { "id": "6Xr5PbPGSy+aHLDQ9q4L9w==", "updater": "rhel-vex", "name": "CVE-2026-1502", "description": "A flaw was found in Python. This vulnerability allows for the injection of extra information into HTTP communication. Specifically, the system does not properly prevent special characters (carriage return and line feed) from being included in HTTP client proxy tunnel headers or host fields.", "issued": "2026-04-10T17:54:44Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1502 https://bugzilla.redhat.com/show_bug.cgi?id=2457409 https://www.cve.org/CVERecord?id=CVE-2026-1502 https://nvd.nist.gov/vuln/detail/CVE-2026-1502 https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef69 https://github.com/python/cpython/issues/146211 https://github.com/python/cpython/pull/146212 https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAEQWUJBCTQZEJEVTYCIKSMQPGRZ3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1502.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6p6EeZQEuYkK2CtO4ey3Ag==": { "id": "6p6EeZQEuYkK2CtO4ey3Ag==", "updater": "rhel-vex", "name": "CVE-2025-66293", "description": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management.", "issued": "2025-12-03T20:33:57Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66293 https://bugzilla.redhat.com/show_bug.cgi?id=2418711 https://www.cve.org/CVERecord?id=CVE-2025-66293 https://nvd.nist.gov/vuln/detail/CVE-2025-66293 https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1 https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a https://github.com/pnggroup/libpng/issues/764 https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66293.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7Puka2o1jq4jSr2Hekrfhg==": { "id": "7Puka2o1jq4jSr2Hekrfhg==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7lnphmrb/VojuhlikpNO5w==": { "id": "7lnphmrb/VojuhlikpNO5w==", "updater": "rhel-vex", "name": "CVE-2026-24401", "description": "A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.", "issued": "2026-01-24T01:25:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24401 https://bugzilla.redhat.com/show_bug.cgi?id=2432534 https://www.cve.org/CVERecord?id=CVE-2026-24401 https://nvd.nist.gov/vuln/detail/CVE-2026-24401 https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524 https://github.com/avahi/avahi/issues/501 https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24401.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "86unVXyTxdffdcXWZTYw5g==": { "id": "86unVXyTxdffdcXWZTYw5g==", "updater": "rhel-vex", "name": "CVE-2023-0465", "description": "A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/show_bug.cgi?id=2182561 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0465.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8D3i4K1ylUr5dGk9imV9zA==": { "id": "8D3i4K1ylUr5dGk9imV9zA==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8I2jFG8JRR+6+eqqYlXhAg==": { "id": "8I2jFG8JRR+6+eqqYlXhAg==", "updater": "rhel-vex", "name": "CVE-2018-20225", "description": "A vulnerability was found in python-pip due to a flaw in the --extra-index-url option, where it installs the version with the highest version number, even if the user intended to obtain a private package from a private index. Exploitation requires that the package does not already exist in the public index, allowing an attacker to place the package there with an arbitrary version number.", "issued": "2020-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20225 https://bugzilla.redhat.com/show_bug.cgi?id=1835736 https://www.cve.org/CVERecord?id=CVE-2018-20225 https://nvd.nist.gov/vuln/detail/CVE-2018-20225 https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20225.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8KJb4x3mXgChaQULEsid2A==": { "id": "8KJb4x3mXgChaQULEsid2A==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8Sec+JvKiQWGqYCOBdZhjg==": { "id": "8Sec+JvKiQWGqYCOBdZhjg==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8TgjbHNGzIFm7/fF9DBU7Q==": { "id": "8TgjbHNGzIFm7/fF9DBU7Q==", "updater": "rhel-vex", "name": "CVE-2026-34757", "description": "A flaw was found in libpng, a library used for handling PNG (Portable Network Graphics) image files. This vulnerability arises when an application reuses a pointer, previously obtained from functions like png_get_PLTE, by passing it back to a corresponding setter function within the same image structure. This action causes the setter to access memory that has already been deallocated, leading to a use-after-free condition. A local attacker could potentially exploit this flaw to corrupt image metadata or disclose sensitive information from the application's memory.", "issued": "2026-04-09T14:41:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34757 https://bugzilla.redhat.com/show_bug.cgi?id=2456918 https://www.cve.org/CVERecord?id=CVE-2026-34757 https://nvd.nist.gov/vuln/detail/CVE-2026-34757 https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc https://github.com/pnggroup/libpng/issues/836 https://github.com/pnggroup/libpng/issues/837 https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZxbhBIT+9Mj99/XbMpLSQ==": { "id": "8ZxbhBIT+9Mj99/XbMpLSQ==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8qOJVWAut1+UqTXPOWH12g==": { "id": "8qOJVWAut1+UqTXPOWH12g==", "updater": "rhel-vex", "name": "CVE-2025-8291", "description": "A zip file handling flaw has been discovered in the python standard library `zipfile` module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations.", "issued": "2025-10-07T18:10:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8291 https://bugzilla.redhat.com/show_bug.cgi?id=2402342 https://www.cve.org/CVERecord?id=CVE-2025-8291 https://nvd.nist.gov/vuln/detail/CVE-2025-8291 https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 https://github.com/python/cpython/issues/139700 https://github.com/python/cpython/pull/139702 https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8291.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rvqTFlh9aOz4UvxQN0SBQ==": { "id": "8rvqTFlh9aOz4UvxQN0SBQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rxYDEPu2XxazQ3cBUhX0Q==": { "id": "8rxYDEPu2XxazQ3cBUhX0Q==", "updater": "rhel-vex", "name": "CVE-2019-9923", "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", "issued": "2019-01-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9923 https://bugzilla.redhat.com/show_bug.cgi?id=1691764 https://www.cve.org/CVERecord?id=CVE-2019-9923 https://nvd.nist.gov/vuln/detail/CVE-2019-9923 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9923.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "92KuvWwbPhsQNPu0knrHAQ==": { "id": "92KuvWwbPhsQNPu0knrHAQ==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "97PwDrD8knMveLXwKCvQjA==": { "id": "97PwDrD8knMveLXwKCvQjA==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9jHXNtwzqlOir/Op7pd9+w==": { "id": "9jHXNtwzqlOir/Op7pd9+w==", "updater": "rhel-vex", "name": "CVE-2025-68276", "description": "A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.", "issued": "2026-01-12T17:31:49Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68276 https://bugzilla.redhat.com/show_bug.cgi?id=2428713 https://www.cve.org/CVERecord?id=CVE-2025-68276 https://nvd.nist.gov/vuln/detail/CVE-2025-68276 https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688 https://github.com/avahi/avahi/pull/806 https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68276.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9oBjtBiHtz7+Hwc4swPaAw==": { "id": "9oBjtBiHtz7+Hwc4swPaAw==", "updater": "rhel-vex", "name": "CVE-2026-34979", "description": "A flaw was found in OpenPrinting CUPS. A remote attacker could exploit a heap-based buffer overflow by sending specially crafted job attributes when building filter option strings. This could lead to a denial of service, making the printing system unavailable.", "issued": "2026-04-03T21:16:38Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34979 https://bugzilla.redhat.com/show_bug.cgi?id=2454946 https://www.cve.org/CVERecord?id=CVE-2026-34979 https://nvd.nist.gov/vuln/detail/CVE-2026-34979 https://github.com/OpenPrinting/cups/security/advisories/GHSA-6qxf-7jx6-86fh https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34979.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9uK7ZDYgFtqP786n0QunAg==": { "id": "9uK7ZDYgFtqP786n0QunAg==", "updater": "rhel-vex", "name": "CVE-2023-39804", "description": "A flaw was found in tar. This issue occurs when extended attributes are processed in PAX archives, and could allow an attacker to cause an application crash, resulting in a denial of service.", "issued": "2023-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39804 https://bugzilla.redhat.com/show_bug.cgi?id=2254067 https://www.cve.org/CVERecord?id=CVE-2023-39804 https://nvd.nist.gov/vuln/detail/CVE-2023-39804 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39804.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9zRC9UwUH2bQs1UcHQ5UTQ==": { "id": "9zRC9UwUH2bQs1UcHQ5UTQ==", "updater": "rhel-vex", "name": "CVE-2019-9937", "description": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9937 https://bugzilla.redhat.com/show_bug.cgi?id=1692357 https://www.cve.org/CVERecord?id=CVE-2019-9937 https://nvd.nist.gov/vuln/detail/CVE-2019-9937 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9937.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "A1UDSDMkPKOSx7ma/geQyg==": { "id": "A1UDSDMkPKOSx7ma/geQyg==", "updater": "rhel-vex", "name": "CVE-2025-68468", "description": "A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi's service discovery.", "issued": "2026-01-12T17:38:10Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68468 https://bugzilla.redhat.com/show_bug.cgi?id=2428714 https://www.cve.org/CVERecord?id=CVE-2025-68468 https://nvd.nist.gov/vuln/detail/CVE-2025-68468 https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a https://github.com/avahi/avahi/issues/683 https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AE8Cp1u8I9t52OYW7oGU4w==": { "id": "AE8Cp1u8I9t52OYW7oGU4w==", "updater": "rhel-vex", "name": "CVE-2024-57970", "description": "A flaw was found in the libarchive library. A specially-crafted tar file may trigger a head-based buffer over-read condition due to incorrect handling of truncation in the middle of a long GNU linkname. This issue can cause an application crash leading to a denial of service.", "issued": "2025-02-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-57970 https://bugzilla.redhat.com/show_bug.cgi?id=2345954 https://www.cve.org/CVERecord?id=CVE-2024-57970 https://nvd.nist.gov/vuln/detail/CVE-2024-57970 https://github.com/libarchive/libarchive/issues/2415 https://github.com/libarchive/libarchive/pull/2422 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-57970.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AZQ9MHTiNLYiRU7sYZlVGw==": { "id": "AZQ9MHTiNLYiRU7sYZlVGw==", "updater": "rhel-vex", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.", "issued": "2022-07-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4899 https://bugzilla.redhat.com/show_bug.cgi?id=2179864 https://www.cve.org/CVERecord?id=CVE-2022-4899 https://nvd.nist.gov/vuln/detail/CVE-2022-4899 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4899.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "B5eXEM8SeidgdpzXoFJFGQ==": { "id": "B5eXEM8SeidgdpzXoFJFGQ==", "updater": "rhel-vex", "name": "CVE-2026-33636", "description": "A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to dereferencing pointers before the start of the row buffer and writing expanded pixel data to underflowed positions. This flaw can result in information disclosure and denial of service.", "issued": "2026-03-26T16:51:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33636 https://bugzilla.redhat.com/show_bug.cgi?id=2451819 https://www.cve.org/CVERecord?id=CVE-2026-33636 https://nvd.nist.gov/vuln/detail/CVE-2026-33636 https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869 https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3 https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33636.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BV++s35Ur4bQRS6HK0QCIA==": { "id": "BV++s35Ur4bQRS6HK0QCIA==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Bgew407C4GMDdNe8dNeN7w==": { "id": "Bgew407C4GMDdNe8dNeN7w==", "updater": "rhel-vex", "name": "CVE-2024-52615", "description": "A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52615 https://bugzilla.redhat.com/show_bug.cgi?id=2326418 https://www.cve.org/CVERecord?id=CVE-2024-52615 https://nvd.nist.gov/vuln/detail/CVE-2024-52615 https://github.com/avahi/avahi/pull/577 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52615.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BooDzA4nzaDI1l3E5zAHgg==": { "id": "BooDzA4nzaDI1l3E5zAHgg==", "updater": "rhel-vex", "name": "CVE-2021-3997", "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "issued": "2022-01-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://www.cve.org/CVERecord?id=CVE-2021-3997 https://nvd.nist.gov/vuln/detail/CVE-2021-3997 https://www.openwall.com/lists/oss-security/2022/01/10/2 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3997.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DDWmqlxBSfXi2KJJ5mwTNg==": { "id": "DDWmqlxBSfXi2KJJ5mwTNg==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EKs36DFwHVCzU/cF0Be9pQ==": { "id": "EKs36DFwHVCzU/cF0Be9pQ==", "updater": "rhel-vex", "name": "CVE-2023-29499", "description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29499 https://bugzilla.redhat.com/show_bug.cgi?id=2211828 https://www.cve.org/CVERecord?id=CVE-2023-29499 https://nvd.nist.gov/vuln/detail/CVE-2023-29499 https://gitlab.gnome.org/GNOME/glib/-/issues/2794 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29499.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EQ4eP3gKo3y8JsWUiWr6+g==": { "id": "EQ4eP3gKo3y8JsWUiWr6+g==", "updater": "rhel-vex", "name": "CVE-2018-1000880", "description": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000880 https://bugzilla.redhat.com/show_bug.cgi?id=1663892 https://www.cve.org/CVERecord?id=CVE-2018-1000880 https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000880.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiJx6rOT8KoLX+Wu7/N6HQ==": { "id": "EiJx6rOT8KoLX+Wu7/N6HQ==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiL50P2QSOoRA18XAAH6Pg==": { "id": "EiL50P2QSOoRA18XAAH6Pg==", "updater": "rhel-vex", "name": "CVE-2023-32665", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32665 https://bugzilla.redhat.com/show_bug.cgi?id=2211827 https://www.cve.org/CVERecord?id=CVE-2023-32665 https://nvd.nist.gov/vuln/detail/CVE-2023-32665 https://gitlab.gnome.org/GNOME/glib/-/issues/2121 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32665.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ElIjMFAz33tt/XVMysRkdA==": { "id": "ElIjMFAz33tt/XVMysRkdA==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FkRDB0vpJYeh2ipqLS0/Iw==": { "id": "FkRDB0vpJYeh2ipqLS0/Iw==", "updater": "rhel-vex", "name": "CVE-2025-28164", "description": "A flaw was found in libpng. This buffer overflow vulnerability allows a local attacker to cause a denial of service (DoS) by exploiting the `png_create_read_struct()` function. This can lead to the affected system becoming unresponsive or crashing.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-28164 https://bugzilla.redhat.com/show_bug.cgi?id=2433398 https://www.cve.org/CVERecord?id=CVE-2025-28164 https://nvd.nist.gov/vuln/detail/CVE-2025-28164 https://gist.github.com/kittener/506516f8c22178005b4379c8b2a7de20 https://github.com/pnggroup/libpng/issues/655 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-28164.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Fp999hDC/lucBsNHwOlp/A==": { "id": "Fp999hDC/lucBsNHwOlp/A==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "G7IyfoPhe9f8QzIGbOfn7Q==": { "id": "G7IyfoPhe9f8QzIGbOfn7Q==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H2CablNBrQ/I5AsUjk5xyw==": { "id": "H2CablNBrQ/I5AsUjk5xyw==", "updater": "rhel-vex", "name": "CVE-2018-20839", "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.", "issued": "2019-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20839 https://bugzilla.redhat.com/show_bug.cgi?id=1716955 https://www.cve.org/CVERecord?id=CVE-2018-20839 https://nvd.nist.gov/vuln/detail/CVE-2018-20839 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20839.json", "severity": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H9Ud41wofJc/QlL6Rm7WkA==": { "id": "H9Ud41wofJc/QlL6Rm7WkA==", "updater": "rhel-vex", "name": "CVE-2026-0968", "description": "A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.", "issued": "2026-02-10T18:46:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0968 https://bugzilla.redhat.com/show_bug.cgi?id=2436982 https://www.cve.org/CVERecord?id=CVE-2026-0968 https://nvd.nist.gov/vuln/detail/CVE-2026-0968 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0968.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HB9r/GLycEmk6aXttwtBlw==": { "id": "HB9r/GLycEmk6aXttwtBlw==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HKrLnQyTw1292mNt3MQ0aQ==": { "id": "HKrLnQyTw1292mNt3MQ0aQ==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HNpGGr9eP5twQKC3yCh1mA==": { "id": "HNpGGr9eP5twQKC3yCh1mA==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HTk+AAyRWNCrZTtBLx34Aw==": { "id": "HTk+AAyRWNCrZTtBLx34Aw==", "updater": "rhel-vex", "name": "CVE-2024-25260", "description": "A NULL pointer dereference vulnerability in the elfutils library has been discovered. This vulnerability occurs within the handle_verdef() function in the readelf.c source file. A NULL pointer dereference typically happens when a program attempts to access memory using a pointer that is not pointing anywhere (i.e., it's NULL), leading to a crash or potentially exploitable behavior.", "issued": "2024-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25260 https://bugzilla.redhat.com/show_bug.cgi?id=2265194 https://www.cve.org/CVERecord?id=CVE-2024-25260 https://nvd.nist.gov/vuln/detail/CVE-2024-25260 https://github.com/schsiung/fuzzer_issues/issues/1 https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/elfutils/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25260.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "elfutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HdAyLUATPStr/HXiy9fgQw==": { "id": "HdAyLUATPStr/HXiy9fgQw==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuLJLN6ajygY/CpLyzV5lw==": { "id": "HuLJLN6ajygY/CpLyzV5lw==", "updater": "rhel-vex", "name": "CVE-2023-45803", "description": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.", "issued": "2023-10-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45803 https://bugzilla.redhat.com/show_bug.cgi?id=2246840 https://www.cve.org/CVERecord?id=CVE-2023-45803 https://nvd.nist.gov/vuln/detail/CVE-2023-45803 https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 https://www.rfc-editor.org/rfc/rfc9110.html#name-get https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45803.json", "severity": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuOxI+pWjgGV0XsBvltzlg==": { "id": "HuOxI+pWjgGV0XsBvltzlg==", "updater": "rhel-vex", "name": "CVE-2020-19187", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19187 https://bugzilla.redhat.com/show_bug.cgi?id=2234911 https://www.cve.org/CVERecord?id=CVE-2020-19187 https://nvd.nist.gov/vuln/detail/CVE-2020-19187 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19187.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "I31WPu2ZGWOsqloSJfE2Fg==": { "id": "I31WPu2ZGWOsqloSJfE2Fg==", "updater": "rhel-vex", "name": "CVE-2026-25646", "description": "A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification.", "issued": "2026-02-10T17:04:38Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25646 https://bugzilla.redhat.com/show_bug.cgi?id=2438542 https://www.cve.org/CVERecord?id=CVE-2026-25646 https://nvd.nist.gov/vuln/detail/CVE-2026-25646 http://www.openwall.com/lists/oss-security/2026/02/09/7 https://github.com/pnggroup/libpng/commit/01d03b8453eb30ade759cd45c707e5a1c7277d88 https://github.com/pnggroup/libpng/security/advisories/GHSA-g8hp-mq4h-rqm3 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25646.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IItHEdPWz5fl9O7ZhzjDAA==": { "id": "IItHEdPWz5fl9O7ZhzjDAA==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "K3eafQ/8P8PEZ3BPWZfCgg==": { "id": "K3eafQ/8P8PEZ3BPWZfCgg==", "updater": "rhel-vex", "name": "CVE-2026-27447", "description": "A flaw was found in OpenPrinting CUPS. This authorization bypass vulnerability allows an unprivileged user to gain unauthorized access to restricted operations. This can be exploited by using a username that differs only in case from an authorized user during authorization checks.", "issued": "2026-04-03T21:11:59Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27447 https://bugzilla.redhat.com/show_bug.cgi?id=2454949 https://www.cve.org/CVERecord?id=CVE-2026-27447 https://nvd.nist.gov/vuln/detail/CVE-2026-27447 https://github.com/OpenPrinting/cups/commit/88516bf6d9e34cef7a64a704b856b837f70cd220 https://github.com/OpenPrinting/cups/security/advisories/GHSA-v987-m8hp-phj9 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27447.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KCgCqCavM9U0xL+GHJqzSg==": { "id": "KCgCqCavM9U0xL+GHJqzSg==", "updater": "rhel-vex", "name": "CVE-2026-0964", "description": "A malicious SCP server can send unexpected paths that could make the\nclient application override local files outside of working directory.\nThis could be misused to create malicious executable or configuration\nfiles and make the user execute them under specific consequences.\n\nThis is the same issue as in OpenSSH, tracked as CVE-2019-6111.", "issued": "2026-02-10T18:44:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0964 https://bugzilla.redhat.com/show_bug.cgi?id=2436979 https://www.cve.org/CVERecord?id=CVE-2026-0964 https://nvd.nist.gov/vuln/detail/CVE-2026-0964 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0964.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KExChYIaW0MvXNLWbjS/Hw==": { "id": "KExChYIaW0MvXNLWbjS/Hw==", "updater": "rhel-vex", "name": "CVE-2026-41080", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing a specially crafted XML document that leverages insufficient entropy in the hash function. This can lead to hash flooding, a type of Denial of Service (DoS) attack, where the system becomes unresponsive or crashes due to excessive resource consumption.", "issued": "2026-04-16T16:52:01Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41080 https://bugzilla.redhat.com/show_bug.cgi?id=2458967 https://www.cve.org/CVERecord?id=CVE-2026-41080 https://nvd.nist.gov/vuln/detail/CVE-2026-41080 https://github.com/libexpat/libexpat/issues/47 https://github.com/libexpat/libexpat/pull/1183 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41080.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KaROgE0QmtiOixMG9Wi1RA==": { "id": "KaROgE0QmtiOixMG9Wi1RA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L3k0cIIlkMGQFiWnZm8Mlg==": { "id": "L3k0cIIlkMGQFiWnZm8Mlg==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L7QbkTbsy8v3tMfOqNsVKQ==": { "id": "L7QbkTbsy8v3tMfOqNsVKQ==", "updater": "rhel-vex", "name": "CVE-2024-7531", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\n\nCalling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on Intel Sandy Bridge and later processors. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.", "issued": "2024-08-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7531 https://bugzilla.redhat.com/show_bug.cgi?id=2303148 https://www.cve.org/CVERecord?id=CVE-2024-7531 https://nvd.nist.gov/vuln/detail/CVE-2024-7531 https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7531.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LWLSX4FCLbzYWK97i5Or+A==": { "id": "LWLSX4FCLbzYWK97i5Or+A==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Lt2Hg7sVYgz0GD7ldFmjjA==": { "id": "Lt2Hg7sVYgz0GD7ldFmjjA==", "updater": "rhel-vex", "name": "CVE-2026-32777", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition (DTD) content. This could lead to an infinite loop during parsing, resulting in a Denial of Service (DoS) for the application using libexpat.", "issued": "2026-03-16T06:58:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32777 https://bugzilla.redhat.com/show_bug.cgi?id=2447890 https://www.cve.org/CVERecord?id=CVE-2026-32777 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32777.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MRnBR1NwPejsF0F/Po53Ew==": { "id": "MRnBR1NwPejsF0F/Po53Ew==", "updater": "rhel-vex", "name": "CVE-2019-8905", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.", "issued": "2019-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8905 https://bugzilla.redhat.com/show_bug.cgi?id=1679181 https://www.cve.org/CVERecord?id=CVE-2019-8905 https://nvd.nist.gov/vuln/detail/CVE-2019-8905 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8905.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MW3KGjkk7BWuR5JCc6cywg==": { "id": "MW3KGjkk7BWuR5JCc6cywg==", "updater": "rhel-vex", "name": "CVE-2024-52616", "description": "A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52616 https://bugzilla.redhat.com/show_bug.cgi?id=2326429 https://www.cve.org/CVERecord?id=CVE-2024-52616 https://nvd.nist.gov/vuln/detail/CVE-2024-52616 https://github.com/avahi/avahi/pull/577 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52616.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O6eQrDqYe8zCvECWFMIzFQ==": { "id": "O6eQrDqYe8zCvECWFMIzFQ==", "updater": "rhel-vex", "name": "CVE-2019-8906", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.", "issued": "2019-01-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8906 https://bugzilla.redhat.com/show_bug.cgi?id=1679175 https://www.cve.org/CVERecord?id=CVE-2019-8906 https://nvd.nist.gov/vuln/detail/CVE-2019-8906 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8906.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O8fIVXqcGshIonMWsEH9gA==": { "id": "O8fIVXqcGshIonMWsEH9gA==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OFdQC3/0S5rItoyqpACTFw==": { "id": "OFdQC3/0S5rItoyqpACTFw==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OLKvdPVgT9/lPcflJTxE3Q==": { "id": "OLKvdPVgT9/lPcflJTxE3Q==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OPNDKUsVLJt2v1gO1zvkBA==": { "id": "OPNDKUsVLJt2v1gO1zvkBA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OTZM0RD60ajdSeEqWGkkTw==": { "id": "OTZM0RD60ajdSeEqWGkkTw==", "updater": "rhel-vex", "name": "CVE-2026-26740", "description": "A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of service (DoS) on the system.", "issued": "2026-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-26740 https://bugzilla.redhat.com/show_bug.cgi?id=2448747 https://www.cve.org/CVERecord?id=CVE-2026-26740 https://nvd.nist.gov/vuln/detail/CVE-2026-26740 https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26740.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OgFGrvrnAoXXvapnatTrxQ==": { "id": "OgFGrvrnAoXXvapnatTrxQ==", "updater": "rhel-vex", "name": "CVE-2026-0965", "description": "A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.", "issued": "2026-02-10T18:47:22Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0965 https://bugzilla.redhat.com/show_bug.cgi?id=2436980 https://www.cve.org/CVERecord?id=CVE-2026-0965 https://nvd.nist.gov/vuln/detail/CVE-2026-0965 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0965.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Oi3Y6I7JDcoQrQyH+jMXWw==": { "id": "Oi3Y6I7JDcoQrQyH+jMXWw==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OpUahpCA4oBceG962KxTMA==": { "id": "OpUahpCA4oBceG962KxTMA==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PcNbuWOo0ahqjfbOQhXvvQ==": { "id": "PcNbuWOo0ahqjfbOQhXvvQ==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pe4IHqZpuBtuSkrgd2HMEg==": { "id": "Pe4IHqZpuBtuSkrgd2HMEg==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q5xJp4zJ1MCYcYbDi9qrdQ==": { "id": "Q5xJp4zJ1MCYcYbDi9qrdQ==", "updater": "rhel-vex", "name": "CVE-2026-25068", "description": "alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash.", "issued": "2026-01-29T19:08:03Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25068 https://bugzilla.redhat.com/show_bug.cgi?id=2435372 https://www.cve.org/CVERecord?id=CVE-2026-25068 https://nvd.nist.gov/vuln/detail/CVE-2026-25068 https://github.com/alsa-project/alsa-lib/commit/5f7fe33002d2d98d84f72e381ec2cccc0d5d3d40 https://www.vulncheck.com/advisories/alsa-lib-topology-decoder-heap-based-buffer-overflow https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25068.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "alsa-lib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QSNBg/XspHcBwSxBTMU4rg==": { "id": "QSNBg/XspHcBwSxBTMU4rg==", "updater": "rhel-vex", "name": "CVE-2025-50181", "description": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.", "issued": "2025-06-19T01:08:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50181 https://bugzilla.redhat.com/show_bug.cgi?id=2373799 https://www.cve.org/CVERecord?id=CVE-2025-50181 https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50181.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QUtTYJuHdkAOgtveagWUfA==": { "id": "QUtTYJuHdkAOgtveagWUfA==", "updater": "rhel-vex", "name": "CVE-2023-0466", "description": "A flaw was found in OpenSSL. The X509_VERIFY_PARAM_add0_policy() function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass the certificate verification. Suddenly enabling the policy check could break existing deployments, so it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. The applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0466 https://bugzilla.redhat.com/show_bug.cgi?id=2182565 https://www.cve.org/CVERecord?id=CVE-2023-0466 https://nvd.nist.gov/vuln/detail/CVE-2023-0466 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0466.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QcOTYeOedG0AUhPSakMpIA==": { "id": "QcOTYeOedG0AUhPSakMpIA==", "updater": "rhel-vex", "name": "CVE-2024-4741", "description": "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", "issued": "2024-05-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4741 https://bugzilla.redhat.com/show_bug.cgi?id=2283757 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4741.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RVCidRUm4D1IKoPhoUi2AA==": { "id": "RVCidRUm4D1IKoPhoUi2AA==", "updater": "rhel-vex", "name": "CVE-2019-9674", "description": "A ZIP bomb attack was found in the Python zipfile module. A remote attacker could abuse this flaw by providing a specially crafted ZIP file that, when decompressed by zipfile, would exhaust system resources resulting in a denial of service.", "issued": "2019-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9674 https://bugzilla.redhat.com/show_bug.cgi?id=1800749 https://www.cve.org/CVERecord?id=CVE-2019-9674 https://nvd.nist.gov/vuln/detail/CVE-2019-9674 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9674.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RXjd5U95osIGXnqCa34Jkg==": { "id": "RXjd5U95osIGXnqCa34Jkg==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RYqFgDYIttLgJc8B82sK/w==": { "id": "RYqFgDYIttLgJc8B82sK/w==", "updater": "rhel-vex", "name": "CVE-2025-66382", "description": "A flaw was found in libexpat. This vulnerability allows a denial of service (DoS) by processing a crafted file with an approximate size of 2 MiB, leading to dozens of seconds of processing time.", "issued": "2025-11-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66382 https://bugzilla.redhat.com/show_bug.cgi?id=2417661 https://www.cve.org/CVERecord?id=CVE-2025-66382 https://nvd.nist.gov/vuln/detail/CVE-2025-66382 https://github.com/libexpat/libexpat/issues/1076 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66382.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RdjNn4dAdZKcn6VS95a/SQ==": { "id": "RdjNn4dAdZKcn6VS95a/SQ==", "updater": "rhel-vex", "name": "CVE-2026-39314", "description": "A flaw was found in CUPS, an open-source printing system. An unprivileged local user can exploit an integer underflow vulnerability by providing a negative job-password-supported Internet Printing Protocol (IPP) attribute. This manipulation causes the cupsd root process to crash, which can be repeatedly triggered to achieve a sustained Denial of Service (DoS) on the system.", "issued": "2026-04-07T16:59:23Z", "links": "https://access.redhat.com/security/cve/CVE-2026-39314 https://bugzilla.redhat.com/show_bug.cgi?id=2456107 https://www.cve.org/CVERecord?id=CVE-2026-39314 https://nvd.nist.gov/vuln/detail/CVE-2026-39314 https://github.com/OpenPrinting/cups/security/advisories/GHSA-pp8w-2g52-7vj7 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39314.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Rfm1tD+QxSP/TVjKFDNabg==": { "id": "Rfm1tD+QxSP/TVjKFDNabg==", "updater": "rhel-vex", "name": "CVE-2026-0967", "description": "A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.", "issued": "2026-02-10T18:47:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0967 https://bugzilla.redhat.com/show_bug.cgi?id=2436981 https://www.cve.org/CVERecord?id=CVE-2026-0967 https://nvd.nist.gov/vuln/detail/CVE-2026-0967 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0967.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Rw8DyDlyRHRJOeZaAbGMRA==": { "id": "Rw8DyDlyRHRJOeZaAbGMRA==", "updater": "rhel-vex", "name": "CVE-2025-59529", "description": "A flaw was found in avahi. The simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local Denial of Service.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-59529 https://bugzilla.redhat.com/show_bug.cgi?id=2405338 https://www.cve.org/CVERecord?id=CVE-2025-59529 https://nvd.nist.gov/vuln/detail/CVE-2025-59529 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-59529.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S7qx7a03HASsJhyQafvXjg==": { "id": "S7qx7a03HASsJhyQafvXjg==", "updater": "rhel-vex", "name": "CVE-2018-19211", "description": "In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a \"dubious character `*' in name or alias field\" detection.", "issued": "2018-10-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-19211 https://bugzilla.redhat.com/show_bug.cgi?id=1652600 https://www.cve.org/CVERecord?id=CVE-2018-19211 https://nvd.nist.gov/vuln/detail/CVE-2018-19211 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-19211.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SHxE0qXbBmDEp/LL1ieJeA==": { "id": "SHxE0qXbBmDEp/LL1ieJeA==", "updater": "rhel-vex", "name": "CVE-2020-19189", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19189 https://bugzilla.redhat.com/show_bug.cgi?id=2234926 https://www.cve.org/CVERecord?id=CVE-2020-19189 https://nvd.nist.gov/vuln/detail/CVE-2020-19189 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19189.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SixpK4TZp5ARiPVlZlGpew==": { "id": "SixpK4TZp5ARiPVlZlGpew==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TLOrmSYL76Du+GI4WD9gMQ==": { "id": "TLOrmSYL76Du+GI4WD9gMQ==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Te9j1HGn7feNCE/Fduu0+A==": { "id": "Te9j1HGn7feNCE/Fduu0+A==", "updater": "rhel-vex", "name": "CVE-2025-64505", "description": "A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access.", "issued": "2025-11-24T23:38:40Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64505 https://bugzilla.redhat.com/show_bug.cgi?id=2416905 https://www.cve.org/CVERecord?id=CVE-2025-64505 https://nvd.nist.gov/vuln/detail/CVE-2025-64505 https://github.com/pnggroup/libpng/commit/6a528eb5fd0dd7f6de1c39d30de0e41473431c37 https://github.com/pnggroup/libpng/pull/748 https://github.com/pnggroup/libpng/security/advisories/GHSA-4952-h5wq-4m42 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64505.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TuBnhFrkwMqIcYtYYgNGNQ==": { "id": "TuBnhFrkwMqIcYtYYgNGNQ==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UMD4nV1Ky5C5eKUMgtnKzw==": { "id": "UMD4nV1Ky5C5eKUMgtnKzw==", "updater": "rhel-vex", "name": "CVE-2021-20193", "description": "A flaw was found in the src/list.c of tar. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", "issued": "2021-01-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-20193 https://bugzilla.redhat.com/show_bug.cgi?id=1917565 https://www.cve.org/CVERecord?id=CVE-2021-20193 https://nvd.nist.gov/vuln/detail/CVE-2021-20193 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-20193.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UPzTyNn8ZLXlb+bwRFPPTA==": { "id": "UPzTyNn8ZLXlb+bwRFPPTA==", "updater": "rhel-vex", "name": "CVE-2023-2650", "description": "A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when processing messages, which may lead to a denial of service.", "issued": "2023-05-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/show_bug.cgi?id=2207947 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://www.openssl.org/news/secadv/20230530.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2650.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UbmdE2pHXRFccv8l1e02Jw==": { "id": "UbmdE2pHXRFccv8l1e02Jw==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UgHucRu0hN47CoyxGAMXTQ==": { "id": "UgHucRu0hN47CoyxGAMXTQ==", "updater": "rhel-vex", "name": "CVE-2026-28386", "description": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28386 https://bugzilla.redhat.com/show_bug.cgi?id=2451099 https://www.cve.org/CVERecord?id=CVE-2026-28386 https://nvd.nist.gov/vuln/detail/CVE-2026-28386 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28386.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UoEFDYM+Gqf2mdRJh5HUFw==": { "id": "UoEFDYM+Gqf2mdRJh5HUFw==", "updater": "rhel-vex", "name": "CVE-2025-45582", "description": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ (‘-k’), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.", "issued": "2025-07-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-45582 https://bugzilla.redhat.com/show_bug.cgi?id=2379592 https://www.cve.org/CVERecord?id=CVE-2025-45582 https://nvd.nist.gov/vuln/detail/CVE-2025-45582 https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md https://www.gnu.org/software/tar/ https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-45582.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UyCjBcpeB0nhkRTVhUcAJQ==": { "id": "UyCjBcpeB0nhkRTVhUcAJQ==", "updater": "rhel-vex", "name": "CVE-2026-39316", "description": "A flaw was found in CUPS, an open-source printing system. This vulnerability, known as a use-after-free, occurs in the CUPS scheduler when temporary printers are automatically removed. The system fails to properly manage memory, leaving a pointer to a freed memory location. An attacker could exploit this to cause the CUPS daemon to crash, leading to a denial of service. In more severe scenarios, this could potentially allow an attacker to execute arbitrary code.", "issued": "2026-04-07T17:00:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-39316 https://bugzilla.redhat.com/show_bug.cgi?id=2456120 https://www.cve.org/CVERecord?id=CVE-2026-39316 https://nvd.nist.gov/vuln/detail/CVE-2026-39316 https://github.com/OpenPrinting/cups/security/advisories/GHSA-pjv5-prqp-46rg https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39316.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VLzwKVDYC7fQrtcpCzjXjA==": { "id": "VLzwKVDYC7fQrtcpCzjXjA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VPoF+qCqaQ4y2sVl2255/g==": { "id": "VPoF+qCqaQ4y2sVl2255/g==", "updater": "rhel-vex", "name": "CVE-2026-33416", "description": "A flaw was found in libpng, a library used for processing PNG (Portable Network Graphics) image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can still be referenced, leading to a use-after-free condition. An attacker could potentially exploit this to achieve arbitrary code execution or cause a denial of service.", "issued": "2026-03-26T16:48:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33416 https://bugzilla.redhat.com/show_bug.cgi?id=2451805 https://www.cve.org/CVERecord?id=CVE-2026-33416 https://nvd.nist.gov/vuln/detail/CVE-2026-33416 https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667 https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25 https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1 https://github.com/pnggroup/libpng/pull/824 https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33416.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VsocCwaFpF6PzdX5PxR+sQ==": { "id": "VsocCwaFpF6PzdX5PxR+sQ==", "updater": "rhel-vex", "name": "CVE-2020-19185", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, causing denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19185 https://bugzilla.redhat.com/show_bug.cgi?id=2234924 https://www.cve.org/CVERecord?id=CVE-2020-19185 https://nvd.nist.gov/vuln/detail/CVE-2020-19185 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19185.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/DMqBRMDYVkVH3D67luGg==": { "id": "W/DMqBRMDYVkVH3D67luGg==", "updater": "rhel-vex", "name": "CVE-2025-64118", "description": "A flaw was found in node-tar, a Tar utility for Node.js. This vulnerability allows a local attacker to potentially disclose sensitive information. When the .t (or .list) function is used with { sync: true } to read tar entry contents, and the tar file is concurrently modified on disk to a smaller size, the function may return uninitialized memory contents. This could lead to the exposure of arbitrary data.", "issued": "2025-10-30T17:50:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64118 https://bugzilla.redhat.com/show_bug.cgi?id=2407440 https://www.cve.org/CVERecord?id=CVE-2025-64118 https://nvd.nist.gov/vuln/detail/CVE-2025-64118 https://github.com/isaacs/node-tar/commit/5330eb04bc43014f216e5c271b40d5c00d45224d https://github.com/isaacs/node-tar/issues/445 https://github.com/isaacs/node-tar/pull/446 https://github.com/isaacs/node-tar/security/advisories/GHSA-29xp-372q-xqph https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64118.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/d4trZ7jb2yxjrq4cNOWA==": { "id": "W/d4trZ7jb2yxjrq4cNOWA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WGvgNwrW2u5APZcidQ6v1Q==": { "id": "WGvgNwrW2u5APZcidQ6v1Q==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WcChSpNAL6V9Xfxc9AqW7g==": { "id": "WcChSpNAL6V9Xfxc9AqW7g==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X37PWFfcTFBuBxL2613UQg==": { "id": "X37PWFfcTFBuBxL2613UQg==", "updater": "rhel-vex", "name": "CVE-2026-4786", "description": "A flaw was found in the Python webbrowser.open() API. If a specially crafted URL containing \"%action\" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution.", "issued": "2026-04-13T21:52:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4786 https://bugzilla.redhat.com/show_bug.cgi?id=2458049 https://www.cve.org/CVERecord?id=CVE-2026-4786 https://nvd.nist.gov/vuln/detail/CVE-2026-4786 https://github.com/python/cpython/issues/148169 https://github.com/python/cpython/pull/148170 https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4786.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XBiy/XVR6SoThCkYUmkD1g==": { "id": "XBiy/XVR6SoThCkYUmkD1g==", "updater": "rhel-vex", "name": "CVE-2026-33056", "description": "A flaw was found in tar-rs, a Rust library for reading and writing tar archives. When unpacking a crafted tar archive, an attacker can exploit a symbolic link vulnerability. By including a symlink followed by a directory with the same name, the library incorrectly applies file permissions to the symlink's target. This allows an attacker to modify the permissions of arbitrary directories outside the intended extraction location.", "issued": "2026-03-20T07:11:10Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33056 https://bugzilla.redhat.com/show_bug.cgi?id=2449490 https://www.cve.org/CVERecord?id=CVE-2026-33056 https://nvd.nist.gov/vuln/detail/CVE-2026-33056 https://github.com/alexcrichton/tar-rs/commit/17b1fd84e632071cb8eef9d3709bf347bd266446 https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-j4xf-2g29-59ph https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33056.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XXiaw1EwhFkuilI94EKiqQ==": { "id": "XXiaw1EwhFkuilI94EKiqQ==", "updater": "rhel-vex", "name": "CVE-2026-5713", "description": "A flaw was found in Python. A malicious Python process could exploit the \"profiling.sampling\" module and \"asyncio introspection capabilities\" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via its remote debugging feature, potentially leading to information disclosure and arbitrary code execution. Successful exploitation requires repeated connections, which may cause instability in the connecting process.", "issued": "2026-04-14T15:11:51Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5713 https://bugzilla.redhat.com/show_bug.cgi?id=2458239 https://www.cve.org/CVERecord?id=CVE-2026-5713 https://nvd.nist.gov/vuln/detail/CVE-2026-5713 https://github.com/python/cpython/issues/148178 https://github.com/python/cpython/pull/148187 https://mail.python.org/archives/list/security-announce@python.org/thread/OG4RHARYSNIE22GGOMVMCRH76L5HKPLM/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5713.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XbpXfbeApuDuIKvY0/qWiA==": { "id": "XbpXfbeApuDuIKvY0/qWiA==", "updater": "rhel-vex", "name": "CVE-2026-3731", "description": "A flaw was found in libssh. A remote attacker could trigger an out-of-bounds read vulnerability in the SFTP Extension Name Handler by manipulating the `idx` argument in the `sftp_extensions_get_name` or `sftp_extensions_get_data` functions. This could lead to a Denial of Service (DoS), making the affected system unresponsive.", "issued": "2026-03-08T10:32:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3731 https://bugzilla.redhat.com/show_bug.cgi?id=2445579 https://www.cve.org/CVERecord?id=CVE-2026-3731 https://nvd.nist.gov/vuln/detail/CVE-2026-3731 https://gitlab.com/libssh/libssh-mirror/-/commit/855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60 https://vuldb.com/?ctiid.349709 https://vuldb.com/?id.349709 https://vuldb.com/?submit.767120 https://www.libssh.org/files/0.12/libssh-0.12.0.tar.xz https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3731.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XygysGe2kdlyCRQHM1fu3w==": { "id": "XygysGe2kdlyCRQHM1fu3w==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YiJlkUTKf0/7+ORZMmQ2cw==": { "id": "YiJlkUTKf0/7+ORZMmQ2cw==", "updater": "rhel-vex", "name": "CVE-2025-25724", "description": "A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "issued": "2025-03-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-25724 https://bugzilla.redhat.com/show_bug.cgi?id=2349221 https://www.cve.org/CVERecord?id=CVE-2025-25724 https://nvd.nist.gov/vuln/detail/CVE-2025-25724 https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 https://github.com/Ekkosun/pocs/blob/main/bsdtarbug https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-25724.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YoCxZvEp16Bt9LDv+Ficeg==": { "id": "YoCxZvEp16Bt9LDv+Ficeg==", "updater": "rhel-vex", "name": "CVE-2025-64506", "description": "A buffer over read flaw has been discovered in libpng. A heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries.", "issued": "2025-11-24T23:41:09Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64506 https://bugzilla.redhat.com/show_bug.cgi?id=2416906 https://www.cve.org/CVERecord?id=CVE-2025-64506 https://nvd.nist.gov/vuln/detail/CVE-2025-64506 https://github.com/pnggroup/libpng/commit/2bd84c019c300b78e811743fbcddb67c9d9bf821 https://github.com/pnggroup/libpng/pull/749 https://github.com/pnggroup/libpng/security/advisories/GHSA-qpr4-xm66-hww6 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64506.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZTGiJlkqcqrCLJSY/Sq8lA==": { "id": "ZTGiJlkqcqrCLJSY/Sq8lA==", "updater": "rhel-vex", "name": "CVE-2020-19186", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a buffer over-read, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19186 https://bugzilla.redhat.com/show_bug.cgi?id=2234908 https://www.cve.org/CVERecord?id=CVE-2020-19186 https://nvd.nist.gov/vuln/detail/CVE-2020-19186 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19186.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZkEez7f24VNVhTaTCDhuEg==": { "id": "ZkEez7f24VNVhTaTCDhuEg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZlxfTVb/4bi6yWQ+JLaOnw==": { "id": "ZlxfTVb/4bi6yWQ+JLaOnw==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Znm2hdK/FULQhTTGTVX59Q==": { "id": "Znm2hdK/FULQhTTGTVX59Q==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Zp9+pixFuNBueE2yO610gQ==": { "id": "Zp9+pixFuNBueE2yO610gQ==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZvX4VR3jvMBd1Wq+RxNTgg==": { "id": "ZvX4VR3jvMBd1Wq+RxNTgg==", "updater": "rhel-vex", "name": "CVE-2020-35512", "description": "A use-after-free flaw was found in D-Bus when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors.", "issued": "2020-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35512 https://bugzilla.redhat.com/show_bug.cgi?id=1909101 https://www.cve.org/CVERecord?id=CVE-2020-35512 https://nvd.nist.gov/vuln/detail/CVE-2020-35512 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35512.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "dbus", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a067YUjLHWzR99JNl/RtGQ==": { "id": "a067YUjLHWzR99JNl/RtGQ==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "avzu5SRbIjcduH4QdmZ1gg==": { "id": "avzu5SRbIjcduH4QdmZ1gg==", "updater": "rhel-vex", "name": "CVE-2026-0966", "description": "The API function `ssh_get_hexa()` is vulnerable, when 0-lenght\ninput is provided to this function. This function is used internally\nin `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated),\nwhich is vulnerable to the same input (length is provided by the\ncalling application).\n\nThe function is also used internally in the gssapi code for logging\nthe OIDs received by the server during GSSAPI authentication. This\ncould be triggered remotely, when the server allows GSSAPI authentication\nand logging verbosity is set at least to SSH_LOG_PACKET (3). This\ncould cause self-DoS of the per-connection daemon process.", "issued": "2026-02-10T18:47:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0966 https://bugzilla.redhat.com/show_bug.cgi?id=2433121 https://www.cve.org/CVERecord?id=CVE-2026-0966 https://nvd.nist.gov/vuln/detail/CVE-2026-0966 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0966.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cCowLuOsLfTMmPFOoqUVww==": { "id": "cCowLuOsLfTMmPFOoqUVww==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cW+DgNrGAeRAwNB4wrDZhw==": { "id": "cW+DgNrGAeRAwNB4wrDZhw==", "updater": "rhel-vex", "name": "CVE-2026-22695", "description": "A flaw was found in libpng, a reference library for processing PNG (Portable Network Graphics) image files. A local attacker could exploit a heap buffer over-read vulnerability in the `png_image_finish_read` function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with an 8-bit output format and non-minimal row stride. This could lead to a denial of service (DoS) and potentially information disclosure.", "issued": "2026-01-12T22:55:40Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22695 https://bugzilla.redhat.com/show_bug.cgi?id=2428825 https://www.cve.org/CVERecord?id=CVE-2026-22695 https://nvd.nist.gov/vuln/detail/CVE-2026-22695 https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea https://github.com/pnggroup/libpng/commit/e4f7ad4ea2 https://github.com/pnggroup/libpng/issues/778 https://github.com/pnggroup/libpng/security/advisories/GHSA-mmq5-27w3-rxpp https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22695.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cqYWiTibDLM7aibErMKang==": { "id": "cqYWiTibDLM7aibErMKang==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "crmilTSJ/pTSPBKY9EJmZg==": { "id": "crmilTSJ/pTSPBKY9EJmZg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eCNdMtt9JN2Rrb8I23NIsA==": { "id": "eCNdMtt9JN2Rrb8I23NIsA==", "updater": "rhel-vex", "name": "CVE-2026-34990", "description": "A flaw was found in OpenPrinting CUPS. A local unprivileged user can exploit this vulnerability by coercing the `cupsd` service to authenticate to an attacker-controlled Internet Printing Protocol (IPP) service. This allows the user to create a persistent printer queue that can overwrite arbitrary files with root privileges. Successful exploitation can lead to privilege escalation and arbitrary root command execution.", "issued": "2026-04-03T21:14:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34990 https://bugzilla.redhat.com/show_bug.cgi?id=2454947 https://www.cve.org/CVERecord?id=CVE-2026-34990 https://nvd.nist.gov/vuln/detail/CVE-2026-34990 https://github.com/OpenPrinting/cups/security/advisories/GHSA-c54j-2vqw-wpwp https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34990.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eohUFw28jV3sGLZE2CBPXA==": { "id": "eohUFw28jV3sGLZE2CBPXA==", "updater": "rhel-vex", "name": "CVE-2025-4878", "description": "A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2376184 https://www.cve.org/CVERecord?id=CVE-2025-4878 https://nvd.nist.gov/vuln/detail/CVE-2025-4878 https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1 https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eqoqeJN8gMUINJLH2PXP7g==": { "id": "eqoqeJN8gMUINJLH2PXP7g==", "updater": "rhel-vex", "name": "CVE-2018-1000654", "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "issued": "2018-08-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000654 https://bugzilla.redhat.com/show_bug.cgi?id=1621972 https://www.cve.org/CVERecord?id=CVE-2018-1000654 https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000654.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fXpWtuXNPi3tb2edhk37bw==": { "id": "fXpWtuXNPi3tb2edhk37bw==", "updater": "rhel-vex", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "2024-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://www.cve.org/CVERecord?id=CVE-2024-2236 https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2236.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fayrPya6DVXP9weWvA6obQ==": { "id": "fayrPya6DVXP9weWvA6obQ==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fvGjL9hw9hDQockMTb7lrA==": { "id": "fvGjL9hw9hDQockMTb7lrA==", "updater": "rhel-vex", "name": "CVE-2021-4209", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", "issued": "2021-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4209 https://bugzilla.redhat.com/show_bug.cgi?id=2044156 https://www.cve.org/CVERecord?id=CVE-2021-4209 https://nvd.nist.gov/vuln/detail/CVE-2021-4209 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4209.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gaFOKxy9D9KR/Iyd+kDZoA==": { "id": "gaFOKxy9D9KR/Iyd+kDZoA==", "updater": "rhel-vex", "name": "CVE-2025-50182", "description": "A flaw was found in urllib3. The library fails to properly validate redirect URLs, allowing an attacker to manipulate redirect chains when used in environments like Pyodide utilizing the JavaScript Fetch API. This lack of validation can enable a remote attacker to control the redirect destination, leading to arbitrary URL redirection. Consequently, an attacker can redirect users to malicious websites. This \nvulnerability stems from a failure to constrain the redirect target.", "issued": "2025-06-19T01:42:44Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50182 https://bugzilla.redhat.com/show_bug.cgi?id=2373800 https://www.cve.org/CVERecord?id=CVE-2025-50182 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50182.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gagftKXuSuh9pi4dRu9yPQ==": { "id": "gagftKXuSuh9pi4dRu9yPQ==", "updater": "rhel-vex", "name": "CVE-2024-2511", "description": "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv1.3 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", "issued": "2024-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2511 https://bugzilla.redhat.com/show_bug.cgi?id=2274020 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://www.openssl.org/news/vulnerabilities.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2511.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "h6rS2s3xilGaG0a+pIjl8A==": { "id": "h6rS2s3xilGaG0a+pIjl8A==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hfBpyVezkUAf98QWnlvzIA==": { "id": "hfBpyVezkUAf98QWnlvzIA==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hkP7fdNBNcMv5alTtw0c+Q==": { "id": "hkP7fdNBNcMv5alTtw0c+Q==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ho4M6//kfDyE5kZ9fbpV0g==": { "id": "ho4M6//kfDyE5kZ9fbpV0g==", "updater": "rhel-vex", "name": "CVE-2025-14819", "description": "A flaw was found in libcurl. When handling secure connections (TLS) and reusing connection settings, libcurl could incorrectly apply a cached security setting related to certificate chain validation. This could allow libcurl to accept a server's security certificate that it should have otherwise rejected, potentially compromising the integrity of the secure connection.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14819 https://bugzilla.redhat.com/show_bug.cgi?id=2426408 https://www.cve.org/CVERecord?id=CVE-2025-14819 https://nvd.nist.gov/vuln/detail/CVE-2025-14819 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14819.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iEGZHZXt8HWPSM5eJesddQ==": { "id": "iEGZHZXt8HWPSM5eJesddQ==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "icj6a8bc4dYK/DJNvkU0+A==": { "id": "icj6a8bc4dYK/DJNvkU0+A==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ieASPdYzGxWke8nZZhE02Q==": { "id": "ieASPdYzGxWke8nZZhE02Q==", "updater": "rhel-vex", "name": "CVE-2018-20657", "description": "A vulnerability was found in the demangle_template function in GNU libiberty, as distributed in GNU Binutils, where a memory leak could occur, a specially crafted file could cause the application to consume excessive memory, potentially leading to a crash.", "issued": "2018-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20657 https://bugzilla.redhat.com/show_bug.cgi?id=1664708 https://www.cve.org/CVERecord?id=CVE-2018-20657 https://nvd.nist.gov/vuln/detail/CVE-2018-20657 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20657.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j1KIfSLRyAo+5FqbDzJbtg==": { "id": "j1KIfSLRyAo+5FqbDzJbtg==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jguV9kU5iHC5V/cF3+b/tg==": { "id": "jguV9kU5iHC5V/cF3+b/tg==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jw1ZiDut5Ot+DyVFjCrixg==": { "id": "jw1ZiDut5Ot+DyVFjCrixg==", "updater": "rhel-vex", "name": "CVE-2020-19188", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19188 https://bugzilla.redhat.com/show_bug.cgi?id=2234913 https://www.cve.org/CVERecord?id=CVE-2020-19188 https://nvd.nist.gov/vuln/detail/CVE-2020-19188 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19188.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kCsMurCi7F77HxJoLqd9jA==": { "id": "kCsMurCi7F77HxJoLqd9jA==", "updater": "rhel-vex", "name": "CVE-2026-34978", "description": "A flaw was found in OpenPrinting CUPS. A remote attacker can exploit a path traversal vulnerability in the RSS notifier by manipulating the `notify-recipient-uri`. This allows writing arbitrary RSS XML data to sensitive files outside the intended directory. This can lead to a denial of service (DoS) by corrupting critical system files, such as the job cache, causing the scheduler to fail and previously queued jobs to disappear.", "issued": "2026-04-03T21:15:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34978 https://bugzilla.redhat.com/show_bug.cgi?id=2454957 https://www.cve.org/CVERecord?id=CVE-2026-34978 https://nvd.nist.gov/vuln/detail/CVE-2026-34978 https://github.com/OpenPrinting/cups/security/advisories/GHSA-f53q-7mxp-9gcr https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34978.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kYYDrncBncmKkmFnSd5t3w==": { "id": "kYYDrncBncmKkmFnSd5t3w==", "updater": "rhel-vex", "name": "CVE-2017-6519", "description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", "issued": "2015-03-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2017-6519 https://bugzilla.redhat.com/show_bug.cgi?id=1426712 https://www.cve.org/CVERecord?id=CVE-2017-6519 https://nvd.nist.gov/vuln/detail/CVE-2017-6519 https://www.kb.cert.org/vuls/id/550620 https://security.access.redhat.com/data/csaf/v2/vex/2017/cve-2017-6519.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "klCkJxhhNVG564GOUQMh+Q==": { "id": "klCkJxhhNVG564GOUQMh+Q==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "m8ueKfgkaYIYTU+xtIQcwA==": { "id": "m8ueKfgkaYIYTU+xtIQcwA==", "updater": "rhel-vex", "name": "CVE-2022-3857", "description": "[REJECTED CVE] A issue has been identified with libpng in png_setup_paeth_row() function. A crafted PNG image from a n attacker can lead to a segmentation fault and Denial of service.", "issued": "2022-11-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3857 https://bugzilla.redhat.com/show_bug.cgi?id=2142600 https://www.cve.org/CVERecord?id=CVE-2022-3857 https://nvd.nist.gov/vuln/detail/CVE-2022-3857 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3857.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mRazAXjBcgFrTolNDZHDsA==": { "id": "mRazAXjBcgFrTolNDZHDsA==", "updater": "rhel-vex", "name": "CVE-2025-6069", "description": "A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.", "issued": "2025-06-17T13:39:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6069 https://bugzilla.redhat.com/show_bug.cgi?id=2373234 https://www.cve.org/CVERecord?id=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/pull/135464 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6069.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mVT54HSCxoOy6IF9Noa/Zw==": { "id": "mVT54HSCxoOy6IF9Noa/Zw==", "updater": "rhel-vex", "name": "CVE-2026-6100", "description": "A flaw was found in Python's decompression modules, including `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile`. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is experiencing high memory usage. Exploitation of this flaw could potentially allow an attacker to execute arbitrary code or access sensitive data. The vulnerability is only present if the program re-uses decompressor instances across multiple decompression calls even after a `MemoryError` is raised during decompression. Using the helper functions to one-shot decompress data such as `lzma.decompress()`, `bz2.decompress()`, `gzip.decompress()`, and `zlib.decompress()` are not affected as a new decompressor instance is used per call. If the decompressor instance is not re-used after an error condition, this usage is similarly not vulnerable.", "issued": "2026-04-13T17:15:47Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6100 https://bugzilla.redhat.com/show_bug.cgi?id=2457932 https://www.cve.org/CVERecord?id=CVE-2026-6100 https://nvd.nist.gov/vuln/detail/CVE-2026-6100 https://github.com/python/cpython/commit/6a5f79c8d7bbf22b083b240910c7a8781a59437d https://github.com/python/cpython/commit/8fc66aef6d7b3ae58f43f5c66f9366cc8cbbfcd2 https://github.com/python/cpython/commit/c3cf71c3366fe49acb776a639405c0eea6169c20 https://github.com/python/cpython/issues/148395 https://github.com/python/cpython/pull/148396 https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6100.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mouoWVvs12H8FynnB5qIsQ==": { "id": "mouoWVvs12H8FynnB5qIsQ==", "updater": "rhel-vex", "name": "CVE-2019-14250", "description": "This issue resides on libiberty code, a part of binutils, distributed with different versions of RH software. The vulnerability is triggered when the shstrndx (Section Header String Table Index) is zero in the ELF file. This specific condition leads to the integer overflow and subsequent buffer overflow.", "issued": "2019-08-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-14250 https://bugzilla.redhat.com/show_bug.cgi?id=1739490 https://www.cve.org/CVERecord?id=CVE-2019-14250 https://nvd.nist.gov/vuln/detail/CVE-2019-14250 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-14250.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "n83jaRl/T6kiaoMyWtX8xw==": { "id": "n83jaRl/T6kiaoMyWtX8xw==", "updater": "rhel-vex", "name": "CVE-2021-24032", "description": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).", "issued": "2021-02-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-24032 https://bugzilla.redhat.com/show_bug.cgi?id=1928090 https://www.cve.org/CVERecord?id=CVE-2021-24032 https://nvd.nist.gov/vuln/detail/CVE-2021-24032 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-24032.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "nYtstWEUOCTbjAlmYOKURA==": { "id": "nYtstWEUOCTbjAlmYOKURA==", "updater": "rhel-vex", "name": "CVE-2025-4516", "description": "A vulnerability has been identified in CPython's bytes.decode() function when used with the \"unicode_escape\" encoding and the \"ignore\" or \"replace\" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality.", "issued": "2025-05-15T13:29:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4516 https://bugzilla.redhat.com/show_bug.cgi?id=2366509 https://www.cve.org/CVERecord?id=CVE-2025-4516 https://nvd.nist.gov/vuln/detail/CVE-2025-4516 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142 https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e https://github.com/python/cpython/issues/133767 https://github.com/python/cpython/pull/129648 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4516.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ngbKDtxhn33NKWC2lhOQNQ==": { "id": "ngbKDtxhn33NKWC2lhOQNQ==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npBrFSWnZYxq9cizdfDfCQ==": { "id": "npBrFSWnZYxq9cizdfDfCQ==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npQpPXYG8xMJ1LRSVSnKGA==": { "id": "npQpPXYG8xMJ1LRSVSnKGA==", "updater": "rhel-vex", "name": "CVE-2025-8114", "description": "A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.", "issued": "2025-07-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8114 https://bugzilla.redhat.com/show_bug.cgi?id=2383220 https://www.cve.org/CVERecord?id=CVE-2025-8114 https://nvd.nist.gov/vuln/detail/CVE-2025-8114 https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9 https://www.libssh.org/security/advisories/CVE-2025-8114.txt https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8114.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "p2qAiuM4AsdQ5J4fBWvbBA==": { "id": "p2qAiuM4AsdQ5J4fBWvbBA==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pjb5LKdJAfqIzj4N6YBwUQ==": { "id": "pjb5LKdJAfqIzj4N6YBwUQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qC/lM94bJkHuTCcx6Z47mQ==": { "id": "qC/lM94bJkHuTCcx6Z47mQ==", "updater": "rhel-vex", "name": "CVE-2026-32778", "description": "A flaw was found in libexpat. This vulnerability allows an attacker to trigger a NULL pointer dereference in the `setContext` function. This occurs when the system attempts to retry an operation after an out-of-memory condition, which can lead to a Denial of Service (DoS) for the affected application.", "issued": "2026-03-16T07:02:34Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32778 https://bugzilla.redhat.com/show_bug.cgi?id=2447885 https://www.cve.org/CVERecord?id=CVE-2026-32778 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32778.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qXNASosSuCsudML1MqXPjw==": { "id": "qXNASosSuCsudML1MqXPjw==", "updater": "rhel-vex", "name": "CVE-2023-27534", "description": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27534 https://bugzilla.redhat.com/show_bug.cgi?id=2179069 https://www.cve.org/CVERecord?id=CVE-2023-27534 https://nvd.nist.gov/vuln/detail/CVE-2023-27534 https://curl.se/docs/CVE-2023-27534.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27534.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qv1CBAIhzNsoWe8hSWlF1g==": { "id": "qv1CBAIhzNsoWe8hSWlF1g==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rCI1GSL47zJlliQotxXM4Q==": { "id": "rCI1GSL47zJlliQotxXM4Q==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rEd6JdG2xx5NZ9bcsFRNpw==": { "id": "rEd6JdG2xx5NZ9bcsFRNpw==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rEg00U8+//igCt+0+QBUhA==": { "id": "rEg00U8+//igCt+0+QBUhA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rVgBV65FWtFg3jitEqotFA==": { "id": "rVgBV65FWtFg3jitEqotFA==", "updater": "rhel-vex", "name": "CVE-2024-0727", "description": "A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the \"type\" is a valid value, which can lead to a null dereference error that may cause a denial of service.", "issued": "2024-01-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/show_bug.cgi?id=2259944 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://github.com/openssl/openssl/pull/23362 https://www.openssl.org/news/secadv/20240125.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0727.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rfyVleP0iFAaKAccoWyLNQ==": { "id": "rfyVleP0iFAaKAccoWyLNQ==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ruDQdx7OmIsgMCpioWbqOQ==": { "id": "ruDQdx7OmIsgMCpioWbqOQ==", "updater": "rhel-vex", "name": "CVE-2025-5351", "description": "A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5351 https://bugzilla.redhat.com/show_bug.cgi?id=2369367 https://www.cve.org/CVERecord?id=CVE-2025-5351 https://nvd.nist.gov/vuln/detail/CVE-2025-5351 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5351.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "s1kzjy+cDztHEcgHrl7kHQ==": { "id": "s1kzjy+cDztHEcgHrl7kHQ==", "updater": "rhel-vex", "name": "CVE-2026-22801", "description": "A flaw was found in libpng, a reference library for PNG (Portable Network Graphics) raster image files. An integer truncation vulnerability exists in the png_write_image_16bit and png_write_image_8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes, leading to a heap buffer over-read. This can result in information disclosure or a denial of service (DoS) to the system.", "issued": "2026-01-12T22:57:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22801 https://bugzilla.redhat.com/show_bug.cgi?id=2428824 https://www.cve.org/CVERecord?id=CVE-2026-22801 https://nvd.nist.gov/vuln/detail/CVE-2026-22801 https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22801.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sExC9WXn4M01POjg0haQrA==": { "id": "sExC9WXn4M01POjg0haQrA==", "updater": "rhel-vex", "name": "CVE-2026-34933", "description": "A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.", "issued": "2026-04-03T22:43:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34933 https://bugzilla.redhat.com/show_bug.cgi?id=2454978 https://www.cve.org/CVERecord?id=CVE-2026-34933 https://nvd.nist.gov/vuln/detail/CVE-2026-34933 https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c https://github.com/avahi/avahi/pull/891 https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34933.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sGwL9v57mGx7f18qBkIacA==": { "id": "sGwL9v57mGx7f18qBkIacA==", "updater": "rhel-vex", "name": "CVE-2025-6075", "description": "A vulnerability in Python’s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.", "issued": "2025-10-31T16:41:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6075 https://bugzilla.redhat.com/show_bug.cgi?id=2408891 https://www.cve.org/CVERecord?id=CVE-2025-6075 https://nvd.nist.gov/vuln/detail/CVE-2025-6075 https://github.com/python/cpython/issues/136065 https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6075.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sRVcQFAdq4Ll42smqacaCw==": { "id": "sRVcQFAdq4Ll42smqacaCw==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sThg2GGoKqa1RTJ5skEJTA==": { "id": "sThg2GGoKqa1RTJ5skEJTA==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t3XJyztcU9aOXTMLI8NRmA==": { "id": "t3XJyztcU9aOXTMLI8NRmA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t4oe6DBPNf5Ikk93RfTdig==": { "id": "t4oe6DBPNf5Ikk93RfTdig==", "updater": "rhel-vex", "name": "CVE-2019-12904", "description": "[Disputed] A vulnerability has been identified in Libgcrypt due to a flaw in its C implementation of AES. This vulnerability enables a remote attacker to perform a flush-and-reload side-channel attack, potentially accessing sensitive information. The vulnerability arises from the availability of physical addresses to other processes, particularly on platforms lacking an assembly-language implementation.", "issued": "2019-07-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12904 https://bugzilla.redhat.com/show_bug.cgi?id=1730320 https://www.cve.org/CVERecord?id=CVE-2019-12904 https://nvd.nist.gov/vuln/detail/CVE-2019-12904 https://dev.gnupg.org/T4541 https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12904.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tYeLT/YUKIk7yaK07WvPeA==": { "id": "tYeLT/YUKIk7yaK07WvPeA==", "updater": "rhel-vex", "name": "CVE-2026-32776", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-16T06:54:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32776 https://bugzilla.redhat.com/show_bug.cgi?id=2447888 https://www.cve.org/CVERecord?id=CVE-2026-32776 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32776.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "teoauN/Djw6odXikmjP4Lw==": { "id": "teoauN/Djw6odXikmjP4Lw==", "updater": "rhel-vex", "name": "CVE-2025-68471", "description": "A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.", "issued": "2026-01-12T17:39:57Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68471 https://bugzilla.redhat.com/show_bug.cgi?id=2428717 https://www.cve.org/CVERecord?id=CVE-2025-68471 https://nvd.nist.gov/vuln/detail/CVE-2025-68471 https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1 https://github.com/avahi/avahi/issues/678 https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68471.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tlWVK61iOpKPkvmeShS9AQ==": { "id": "tlWVK61iOpKPkvmeShS9AQ==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tnBbKyfWYMq7GMqd8UCfIw==": { "id": "tnBbKyfWYMq7GMqd8UCfIw==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u7b5r2PfK9a1QyjBR1cFRw==": { "id": "u7b5r2PfK9a1QyjBR1cFRw==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uEggs7thHCRp4eZu5EDH0A==": { "id": "uEggs7thHCRp4eZu5EDH0A==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uWVbYb9OwW4BBqLbnE2d4A==": { "id": "uWVbYb9OwW4BBqLbnE2d4A==", "updater": "rhel-vex", "name": "CVE-2026-23865", "description": "A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or denial of service.", "issued": "2026-03-02T16:09:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-23865 https://bugzilla.redhat.com/show_bug.cgi?id=2443891 https://www.cve.org/CVERecord?id=CVE-2026-23865 https://nvd.nist.gov/vuln/detail/CVE-2026-23865 https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c https://sourceforge.net/projects/freetype/files/freetype2/2.14.2/ https://www.facebook.com/security/advisories/cve-2026-23865 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23865.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uxd8tIEkk+r2hWTEgvyv8w==": { "id": "uxd8tIEkk+r2hWTEgvyv8w==", "updater": "rhel-vex", "name": "CVE-2019-9936", "description": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9936 https://bugzilla.redhat.com/show_bug.cgi?id=1692365 https://www.cve.org/CVERecord?id=CVE-2019-9936 https://nvd.nist.gov/vuln/detail/CVE-2019-9936 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9936.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "v1exQXePimNPt3tveLBP9g==": { "id": "v1exQXePimNPt3tveLBP9g==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vTJZ/R8pdcyDbwAwRi8cBw==": { "id": "vTJZ/R8pdcyDbwAwRi8cBw==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vx2N2RZTm7neux8kVlqgEg==": { "id": "vx2N2RZTm7neux8kVlqgEg==", "updater": "rhel-vex", "name": "CVE-2026-5704", "description": "A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.", "issued": "2026-04-06T13:36:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5704 https://bugzilla.redhat.com/show_bug.cgi?id=2455360 https://www.cve.org/CVERecord?id=CVE-2026-5704 https://nvd.nist.gov/vuln/detail/CVE-2026-5704 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5704.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wbBiCPikq6Iz02EPsysTgA==": { "id": "wbBiCPikq6Iz02EPsysTgA==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wxS+u/uf8o4sT9iSccXQwA==": { "id": "wxS+u/uf8o4sT9iSccXQwA==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xCUiEQAH1lfhrKtUxQDIYA==": { "id": "xCUiEQAH1lfhrKtUxQDIYA==", "updater": "rhel-vex", "name": "CVE-2021-39537", "description": "A heap overflow vulnerability has been identified in the ncurses package, particularly in the \"tic\". This flaw results from a lack of proper bounds checking during input processing. By exploiting this boundary error, an attacker can create a malicious file, deceive the victim into opening it using the affected software, and initiate an out-of-bounds write, potentially impacting system availability.", "issued": "2020-08-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-39537 https://bugzilla.redhat.com/show_bug.cgi?id=2006978 https://www.cve.org/CVERecord?id=CVE-2021-39537 https://nvd.nist.gov/vuln/detail/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-39537.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xKLQGv5zNwcnWtQQKiO3Ww==": { "id": "xKLQGv5zNwcnWtQQKiO3Ww==", "updater": "rhel-vex", "name": "CVE-2026-25645", "description": "A flaw was found in the `requests` HTTP library, specifically in the `requests.utils.extract_zipped_paths()` function, which is used to load Certificate Authority (CA) bundles. A local attacker can exploit this vulnerability by pre-creating a malicious CA bundle file in the system's temporary directory. When a vulnerable application initializes the `requests` library, it may load this malicious file instead of the legitimate CA bundle, leading to a bypass of security controls and potential integrity compromise.", "issued": "2026-03-25T17:02:48Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25645 https://bugzilla.redhat.com/show_bug.cgi?id=2451408 https://www.cve.org/CVERecord?id=CVE-2026-25645 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25645.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xLIujTim86EomaRofe4tDg==": { "id": "xLIujTim86EomaRofe4tDg==", "updater": "rhel-vex", "name": "CVE-2023-32611", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32611 https://bugzilla.redhat.com/show_bug.cgi?id=2211829 https://www.cve.org/CVERecord?id=CVE-2023-32611 https://nvd.nist.gov/vuln/detail/CVE-2023-32611 https://gitlab.gnome.org/GNOME/glib/-/issues/2797 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32611.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xYjfT47p5BaLoMKfWyn2HQ==": { "id": "xYjfT47p5BaLoMKfWyn2HQ==", "updater": "rhel-vex", "name": "CVE-2026-24515", "description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "issued": "2026-01-23T07:46:36Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24515 https://bugzilla.redhat.com/show_bug.cgi?id=2432312 https://www.cve.org/CVERecord?id=CVE-2026-24515 https://nvd.nist.gov/vuln/detail/CVE-2026-24515 https://github.com/libexpat/libexpat/pull/1131 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24515.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xjRJnKlNaH/FGi0NN5VKBQ==": { "id": "xjRJnKlNaH/FGi0NN5VKBQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yGCmffaimhyTCMJRNZflXg==": { "id": "yGCmffaimhyTCMJRNZflXg==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8534", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.3.3-7.el8_10", "arch_op": "pattern match" }, "yePhQ2wYSrZV2+z+gEbpRg==": { "id": "yePhQ2wYSrZV2+z+gEbpRg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yuFlxOGqQlDuMCywIIELNw==": { "id": "yuFlxOGqQlDuMCywIIELNw==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zMNYUY09QO2aCVD23XG4dw==": { "id": "zMNYUY09QO2aCVD23XG4dw==", "updater": "rhel-vex", "name": "CVE-2025-8277", "description": "A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.", "issued": "2025-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8277 https://bugzilla.redhat.com/show_bug.cgi?id=2383888 https://www.cve.org/CVERecord?id=CVE-2025-8277 https://nvd.nist.gov/vuln/detail/CVE-2025-8277 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8277.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+hvIC0Et/RtHi7EAFCmfEw==": [ "O6eQrDqYe8zCvECWFMIzFQ==", "MRnBR1NwPejsF0F/Po53Ew==" ], "+qrxjVH7Im8eBfrz4h4P/w==": [ "Zp9+pixFuNBueE2yO610gQ==" ], "/ji9IJ9FfNcwqVRbMWZshQ==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "0+9x6aIRcNDCM7R94cpzew==": [ "8TgjbHNGzIFm7/fF9DBU7Q==", "1vG4ZYIu07BTj9XJ+a+P9Q==", "B5eXEM8SeidgdpzXoFJFGQ==", "m8ueKfgkaYIYTU+xtIQcwA==", "Te9j1HGn7feNCE/Fduu0+A==", "YoCxZvEp16Bt9LDv+Ficeg==", "I31WPu2ZGWOsqloSJfE2Fg==", "uWVbYb9OwW4BBqLbnE2d4A==", "cW+DgNrGAeRAwNB4wrDZhw==", "VPoF+qCqaQ4y2sVl2255/g==", "s1kzjy+cDztHEcgHrl7kHQ==", "OTZM0RD60ajdSeEqWGkkTw==", "29qrZyz+fmdn9Nzjpl2/Pg==", "6p6EeZQEuYkK2CtO4ey3Ag==", "FkRDB0vpJYeh2ipqLS0/Iw==" ], "2PBlaOceApWEi634ZUHO/g==": [ "mRazAXjBcgFrTolNDZHDsA==", "h6rS2s3xilGaG0a+pIjl8A==", "mVT54HSCxoOy6IF9Noa/Zw==", "sGwL9v57mGx7f18qBkIacA==", "6Xr5PbPGSy+aHLDQ9q4L9w==", "RVCidRUm4D1IKoPhoUi2AA==", "L3k0cIIlkMGQFiWnZm8Mlg==", "XXiaw1EwhFkuilI94EKiqQ==", "X37PWFfcTFBuBxL2613UQg==", "0QzoXQSqkKieJ7Oc+px0JA==", "8qOJVWAut1+UqTXPOWH12g==", "HB9r/GLycEmk6aXttwtBlw==", "2U8ppg+02PjFDuM5YqFstQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "nYtstWEUOCTbjAlmYOKURA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "IItHEdPWz5fl9O7ZhzjDAA==", "OFdQC3/0S5rItoyqpACTFw==", "8rvqTFlh9aOz4UvxQN0SBQ==", "cCowLuOsLfTMmPFOoqUVww==" ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ "fvGjL9hw9hDQockMTb7lrA==" ], "4uQuJg+li+gGAwnGRDcs+w==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "7eg89eCgA75bJ7WhhN/T4Q==": [ "eqoqeJN8gMUINJLH2PXP7g==", "hkP7fdNBNcMv5alTtw0c+Q==" ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ "t4oe6DBPNf5Ikk93RfTdig==", "fXpWtuXNPi3tb2edhk37bw==" ], "AIs6pmCup5N9+6Ag6e2/og==": [ "qv1CBAIhzNsoWe8hSWlF1g==", "UPzTyNn8ZLXlb+bwRFPPTA==", "WcChSpNAL6V9Xfxc9AqW7g==", "ZkEez7f24VNVhTaTCDhuEg==", "6FQUI3OxX4C5skWXKgq80Q==", "OpUahpCA4oBceG962KxTMA==", "QcOTYeOedG0AUhPSakMpIA==", "rEd6JdG2xx5NZ9bcsFRNpw==", "PcNbuWOo0ahqjfbOQhXvvQ==", "gagftKXuSuh9pi4dRu9yPQ==", "8D3i4K1ylUr5dGk9imV9zA==", "97PwDrD8knMveLXwKCvQjA==", "tlWVK61iOpKPkvmeShS9AQ==", "86unVXyTxdffdcXWZTYw5g==", "BV++s35Ur4bQRS6HK0QCIA==", "OLKvdPVgT9/lPcflJTxE3Q==", "UgHucRu0hN47CoyxGAMXTQ==", "rCI1GSL47zJlliQotxXM4Q==", "Fp999hDC/lucBsNHwOlp/A==", "VLzwKVDYC7fQrtcpCzjXjA==", "QUtTYJuHdkAOgtveagWUfA==", "LWLSX4FCLbzYWK97i5Or+A==", "rVgBV65FWtFg3jitEqotFA==" ], "AuC6XQzcU/5tB4luIfjLFg==": [ "HTk+AAyRWNCrZTtBLx34Aw==" ], "AziZ1oGI+oDXVPzldKNj+w==": [ "3O4IzHXnRQMZXCe1gYATvw==" ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "DV119Dw0W4RdsbJkdoHU9w==": [ "qXNASosSuCsudML1MqXPjw==", "rfyVleP0iFAaKAccoWyLNQ==", "8KJb4x3mXgChaQULEsid2A==", "Znm2hdK/FULQhTTGTVX59Q==", "v1exQXePimNPt3tveLBP9g==", "pjb5LKdJAfqIzj4N6YBwUQ==", "crmilTSJ/pTSPBKY9EJmZg==", "fayrPya6DVXP9weWvA6obQ==", "TuBnhFrkwMqIcYtYYgNGNQ==", "ho4M6//kfDyE5kZ9fbpV0g==", "wbBiCPikq6Iz02EPsysTgA==", "vTJZ/R8pdcyDbwAwRi8cBw==", "Pe4IHqZpuBtuSkrgd2HMEg==" ], "DgyhtZBcSIlVmY6xC8s1mA==": [ "j1KIfSLRyAo+5FqbDzJbtg==" ], "EGfzPeF6a5hj9x4BwoN25A==": [ "SixpK4TZp5ARiPVlZlGpew==" ], "FS5/DAbDsXWURU9onlACPA==": [ "Q5xJp4zJ1MCYcYbDi9qrdQ==" ], "J34PJ2GThOWZuKVgFIoieA==": [ "uEggs7thHCRp4eZu5EDH0A==" ], "LXiVkIlXLq/usMYIwCTH8Q==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "LkoLKEri5dIAb0vFMkSOag==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "N1RbIRo2SyHosQefv+skDw==": [ "UbmdE2pHXRFccv8l1e02Jw==" ], "N3ZaMrNJKoumMpaY0smlMQ==": [ "8ZxbhBIT+9Mj99/XbMpLSQ==", "9zRC9UwUH2bQs1UcHQ5UTQ==", "uxd8tIEkk+r2hWTEgvyv8w==", "5B1tQ2BK8z/YjRkYcvwqag==", "tnBbKyfWYMq7GMqd8UCfIw==" ], "NguWV8S6YQYvQsGQDJm2Rg==": [ "xCUiEQAH1lfhrKtUxQDIYA==", "HuOxI+pWjgGV0XsBvltzlg==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "jw1ZiDut5Ot+DyVFjCrixg==", "673FKazcUiydbfN5c6amaw==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "VsocCwaFpF6PzdX5PxR+sQ==", "S7qx7a03HASsJhyQafvXjg==" ], "ORsDK2A5479NPB0r01PoXQ==": [ "qXNASosSuCsudML1MqXPjw==", "rfyVleP0iFAaKAccoWyLNQ==", "8KJb4x3mXgChaQULEsid2A==", "Znm2hdK/FULQhTTGTVX59Q==", "v1exQXePimNPt3tveLBP9g==", "pjb5LKdJAfqIzj4N6YBwUQ==", "crmilTSJ/pTSPBKY9EJmZg==", "fayrPya6DVXP9weWvA6obQ==", "TuBnhFrkwMqIcYtYYgNGNQ==", "ho4M6//kfDyE5kZ9fbpV0g==", "wbBiCPikq6Iz02EPsysTgA==", "vTJZ/R8pdcyDbwAwRi8cBw==", "Pe4IHqZpuBtuSkrgd2HMEg==" ], "POPH5BJ/Q4Bfen05TT291g==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "Q0uPb/t/3IQ8GEwlv/J3Cw==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "QC6e3OaV78mjs678tGU2KQ==": [ "eohUFw28jV3sGLZE2CBPXA==", "H9Ud41wofJc/QlL6Rm7WkA==", "avzu5SRbIjcduH4QdmZ1gg==", "OgFGrvrnAoXXvapnatTrxQ==", "XbpXfbeApuDuIKvY0/qWiA==", "ruDQdx7OmIsgMCpioWbqOQ==", "zMNYUY09QO2aCVD23XG4dw==", "npQpPXYG8xMJ1LRSVSnKGA==", "KCgCqCavM9U0xL+GHJqzSg==", "Rfm1tD+QxSP/TVjKFDNabg==" ], "U3ZkYu9FoEzQITrVBlQtLA==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ "sRVcQFAdq4Ll42smqacaCw==", "mouoWVvs12H8FynnB5qIsQ==", "ieASPdYzGxWke8nZZhE02Q==" ], "Vax934M9zGbzjdT3Y/XU9w==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "Wq1n4jzKBPdL9z5l5HD99w==": [ "DDWmqlxBSfXi2KJJ5mwTNg==", "8Sec+JvKiQWGqYCOBdZhjg==", "wxS+u/uf8o4sT9iSccXQwA==", "AE8Cp1u8I9t52OYW7oGU4w==", "HNpGGr9eP5twQKC3yCh1mA==", "O8fIVXqcGshIonMWsEH9gA==", "EQ4eP3gKo3y8JsWUiWr6+g==", "XygysGe2kdlyCRQHM1fu3w==", "OPNDKUsVLJt2v1gO1zvkBA==", "YiJlkUTKf0/7+ORZMmQ2cw==", "4/mftydHpy90Umw3G0mTuQ==", "klCkJxhhNVG564GOUQMh+Q==", "/QaL/BUIdoF2MAB/C1YiGQ==", "yGCmffaimhyTCMJRNZflXg==" ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ "yuFlxOGqQlDuMCywIIELNw==", "sThg2GGoKqa1RTJ5skEJTA==", "W/d4trZ7jb2yxjrq4cNOWA==", "0nQ3GJDLY22M176Z5ESg6A==" ], "auI8KtI6OozP7EAIr9UlQQ==": [ "icj6a8bc4dYK/DJNvkU0+A==" ], "bWUdPEYmtshwdmuX5VapfQ==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "f/Al/eNlUhjEgKSV0J2z7w==": [ "QSNBg/XspHcBwSxBTMU4rg==", "xKLQGv5zNwcnWtQQKiO3Ww==", "gaFOKxy9D9KR/Iyd+kDZoA==", "HuLJLN6ajygY/CpLyzV5lw==", "8I2jFG8JRR+6+eqqYlXhAg==" ], "h53SWWmMQUh4cLyBmYeNvw==": [ "Bgew407C4GMDdNe8dNeN7w==", "9jHXNtwzqlOir/Op7pd9+w==", "Rw8DyDlyRHRJOeZaAbGMRA==", "A1UDSDMkPKOSx7ma/geQyg==", "MW3KGjkk7BWuR5JCc6cywg==", "kYYDrncBncmKkmFnSd5t3w==", "teoauN/Djw6odXikmjP4Lw==", "7lnphmrb/VojuhlikpNO5w==", "sExC9WXn4M01POjg0haQrA==" ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ "sRVcQFAdq4Ll42smqacaCw==", "mouoWVvs12H8FynnB5qIsQ==", "ieASPdYzGxWke8nZZhE02Q==" ], "isPl2YxnCTfcLmUYH6Q0sA==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "j5YRt82iOHry4ndSyCLgaA==": [ "/1CYFiexnJcM7p4YrI/FVg==", "eCNdMtt9JN2Rrb8I23NIsA==", "RdjNn4dAdZKcn6VS95a/SQ==", "K3eafQ/8P8PEZ3BPWZfCgg==", "UyCjBcpeB0nhkRTVhUcAJQ==", "kCsMurCi7F77HxJoLqd9jA==", "0WTD6ZUY2Zj2w0R3oyPWRw==", "9oBjtBiHtz7+Hwc4swPaAw==", "3IgZDz5UYkhu/U1/4kSWKg==" ], "jSeaYCeiTMhbTniYmwK8dQ==": [ "mRazAXjBcgFrTolNDZHDsA==", "h6rS2s3xilGaG0a+pIjl8A==", "mVT54HSCxoOy6IF9Noa/Zw==", "sGwL9v57mGx7f18qBkIacA==", "6Xr5PbPGSy+aHLDQ9q4L9w==", "RVCidRUm4D1IKoPhoUi2AA==", "L3k0cIIlkMGQFiWnZm8Mlg==", "XXiaw1EwhFkuilI94EKiqQ==", "X37PWFfcTFBuBxL2613UQg==", "0QzoXQSqkKieJ7Oc+px0JA==", "8qOJVWAut1+UqTXPOWH12g==", "HB9r/GLycEmk6aXttwtBlw==", "2U8ppg+02PjFDuM5YqFstQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "nYtstWEUOCTbjAlmYOKURA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "IItHEdPWz5fl9O7ZhzjDAA==", "OFdQC3/0S5rItoyqpACTFw==", "8rvqTFlh9aOz4UvxQN0SBQ==", "cCowLuOsLfTMmPFOoqUVww==" ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ "qC/lM94bJkHuTCcx6Z47mQ==", "KExChYIaW0MvXNLWbjS/Hw==", "RYqFgDYIttLgJc8B82sK/w==", "xYjfT47p5BaLoMKfWyn2HQ==", "Lt2Hg7sVYgz0GD7ldFmjjA==", "tYeLT/YUKIk7yaK07WvPeA==" ], "k4gCNgIfg7MM/e42ThRx2w==": [ "n83jaRl/T6kiaoMyWtX8xw==", "AZQ9MHTiNLYiRU7sYZlVGw==" ], "ka4b0+TZOGmroTz/rrRQcg==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "kwc9NYOQig+qWs5qmBRL/w==": [ "xCUiEQAH1lfhrKtUxQDIYA==", "HuOxI+pWjgGV0XsBvltzlg==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "jw1ZiDut5Ot+DyVFjCrixg==", "673FKazcUiydbfN5c6amaw==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "VsocCwaFpF6PzdX5PxR+sQ==", "S7qx7a03HASsJhyQafvXjg==" ], "lU0MYRg2dg5wynl2dMGsgA==": [ "hfBpyVezkUAf98QWnlvzIA==" ], "mtrWxjnWyzrIFOuHVeUG6g==": [ "UoEFDYM+Gqf2mdRJh5HUFw==", "8rxYDEPu2XxazQ3cBUhX0Q==", "9uK7ZDYgFtqP786n0QunAg==", "UMD4nV1Ky5C5eKUMgtnKzw==", "W/DMqBRMDYVkVH3D67luGg==", "XBiy/XVR6SoThCkYUmkD1g==", "vx2N2RZTm7neux8kVlqgEg==" ], "oSDtB9GflLljTYeOAikyIQ==": [ "0fCtWwB6iclgRvIA+IqiJQ==", "EiL50P2QSOoRA18XAAH6Pg==", "EKs36DFwHVCzU/cF0Be9pQ==", "xLIujTim86EomaRofe4tDg==", "KaROgE0QmtiOixMG9Wi1RA==", "ElIjMFAz33tt/XVMysRkdA==", "jguV9kU5iHC5V/cF3+b/tg==", "Oi3Y6I7JDcoQrQyH+jMXWw==", "p2qAiuM4AsdQ5J4fBWvbBA==", "iEGZHZXt8HWPSM5eJesddQ==", "npBrFSWnZYxq9cizdfDfCQ==", "ngbKDtxhn33NKWC2lhOQNQ==" ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ "eohUFw28jV3sGLZE2CBPXA==", "H9Ud41wofJc/QlL6Rm7WkA==", "avzu5SRbIjcduH4QdmZ1gg==", "OgFGrvrnAoXXvapnatTrxQ==", "XbpXfbeApuDuIKvY0/qWiA==", "ruDQdx7OmIsgMCpioWbqOQ==", "zMNYUY09QO2aCVD23XG4dw==", "npQpPXYG8xMJ1LRSVSnKGA==", "KCgCqCavM9U0xL+GHJqzSg==", "Rfm1tD+QxSP/TVjKFDNabg==" ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ "RXjd5U95osIGXnqCa34Jkg==", "HdAyLUATPStr/HXiy9fgQw==", "92KuvWwbPhsQNPu0knrHAQ==", "G7IyfoPhe9f8QzIGbOfn7Q==", "TLOrmSYL76Du+GI4WD9gMQ==", "7Puka2o1jq4jSr2Hekrfhg==", "xjRJnKlNaH/FGi0NN5VKBQ==", "yePhQ2wYSrZV2+z+gEbpRg==", "EiJx6rOT8KoLX+Wu7/N6HQ==" ], "yI01txXPQZENPfjF45L+Zw==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ "H2CablNBrQ/I5AsUjk5xyw==", "BooDzA4nzaDI1l3E5zAHgg==", "1lUHOMB3ANHGWpqCBv9Ynw==", "a067YUjLHWzR99JNl/RtGQ==", "t3XJyztcU9aOXTMLI8NRmA==" ] }, "enrichments": {} } pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: test-comp-pac-gitlab-axhyxp8750c7426def474b8d17d753c7d361da-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 5, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libarchive-3.3.3-6.el8_10 (CVE-2026-4424)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: python3-libs-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100), libcap-2.48-6.el8_9 (CVE-2026-4878), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2025-66293, CVE-2026-25646, CVE-2026-26740), platform-python-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 8 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libarchive-3.3.3-6.el8_10 (CVE-2026-5121)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libcurl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libssh-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), libzstd-1.4.4-1.el8 (CVE-2022-4899), alsa-lib-1.2.10-2.el8 (CVE-2026-25068), libssh-config-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), gnupg2-2.2.20-4.el8_10 (CVE-2025-68972), cups-libs-1:2.2.6-67.el8_10 (CVE-2023-4504, CVE-2026-27447, CVE-2026-34978, CVE-2026-34979, CVE-2026-34980, CVE-2026-34990, CVE-2026-39314, CVE-2026-39316), python3-libs-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), systemd-libs-239-82.el8_10.15 (CVE-2018-20839, CVE-2025-4598, CVE-2026-29111, CVE-2026-4105), expat-2.5.0-1.el8_10 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), openldap-2.4.46-21.el8_10 (CVE-2026-22185), file-libs-5.33-27.el8_10 (CVE-2019-8905), python3-pip-wheel-9.0.3-24.el8 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182, CVE-2026-25645), glibc-common-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), libblkid-2.32.1-48.el8_10 (CVE-2026-27456), glib2-2.56.4-168.el8_10 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libsmartcols-2.32.1-48.el8_10 (CVE-2026-27456), xz-libs-5.2.4-4.el8_6 (CVE-2026-34743), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), libarchive-3.3.3-6.el8_10 (CVE-2024-57970, CVE-2025-25724, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), curl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), coreutils-single-8.30-17.el8_10 (CVE-2025-5278), tar-2:1.30-11.el8_10 (CVE-2025-45582, CVE-2025-64118, CVE-2026-33056, CVE-2026-5704), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0466, CVE-2026-28390), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-22693, CVE-2026-22695, CVE-2026-22801, CVE-2026-23865, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757), platform-python-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), libxml2-2.9.7-21.el8_10.3 (CVE-2025-9714, CVE-2026-0990, CVE-2026-1757), glibc-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), libgcrypt-1.8.5-7.el8_6 (CVE-2019-12904, CVE-2024-2236), libuuid-2.32.1-48.el8_10 (CVE-2026-27456), libmount-2.32.1-48.el8_10 (CVE-2026-27456), avahi-libs-0.7-27.el8_10.1 (CVE-2024-52615, CVE-2024-52616, CVE-2025-59529, CVE-2025-68276, CVE-2025-68468, CVE-2025-68471, CVE-2026-24401, CVE-2026-34933)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 120 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: ncurses-libs-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), sqlite-libs-3.26.0-20.el8_10 (CVE-2019-19244, CVE-2019-9936, CVE-2019-9937, CVE-2024-0232, CVE-2025-70873), libtasn1-4.13-5.el8_10 (CVE-2018-1000654, CVE-2025-13151), elfutils-libelf-0.190-2.el8 (CVE-2024-25260), libcurl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), libssh-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), ncurses-base-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), libzstd-1.4.4-1.el8 (CVE-2021-24032), libstdc++-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), libssh-config-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), gnupg2-2.2.20-4.el8_10 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), dbus-libs-1:1.12.8-27.el8_10 (CVE-2020-35512), cups-libs-1:2.2.6-67.el8_10 (CVE-2021-25317), python3-libs-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), systemd-libs-239-82.el8_10.15 (CVE-2021-3997), expat-2.5.0-1.el8_10 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), nss-sysinit-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), gawk-4.2.1-4.el8 (CVE-2023-4156), file-libs-5.33-27.el8_10 (CVE-2019-8906), python3-pip-wheel-9.0.3-24.el8 (CVE-2018-20225), nss-softokn-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), glibc-common-2.28-251.el8_10.31 (CVE-2026-4438), zlib-1.2.11-25.el8 (CVE-2026-27171), glib2-2.56.4-168.el8_10 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32665, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), libgcc-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4438), libarchive-3.3.3-6.el8_10 (CVE-2018-1000879, CVE-2018-1000880, CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), nss-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), curl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), nss-softokn-freebl-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), gnutls-3.6.16-8.el8_10.5 (CVE-2021-4209), tar-2:1.30-11.el8_10 (CVE-2019-9923, CVE-2021-20193, CVE-2023-39804), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0464, CVE-2023-0465, CVE-2023-2650, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2025-15468, CVE-2025-15469, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-2673, CVE-2026-28386, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), shadow-utils-2:4.6-23.el8_10 (CVE-2024-56433), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2022-3857, CVE-2026-27171), platform-python-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), libxml2-2.9.7-21.el8_10.3 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), glibc-2.28-251.el8_10.31 (CVE-2026-4438), nss-util-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), pcre2-10.32-3.el8_6 (CVE-2022-41409), avahi-libs-0.7-27.el8_10.1 (CVE-2017-6519)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 148 } } ] } ] {"vulnerabilities":{"critical":0,"high":1,"medium":1,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":8,"medium":120,"low":148,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2", "digests": ["sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa"]}} {"result":"SUCCESS","timestamp":"2026-04-19T13:59:51+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | init container: prepare 2026/04/19 13:57:43 Entrypoint initialization pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | init container: place-scripts 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-0-4gfwd 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-1-rrfnt 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-2-cjfk5 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-3-2rvp9 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-4-m8x6k 2026/04/19 13:57:44 Decoded script /tekton/scripts/script-5-xss4h pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 Using token for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp Auth json written to "/auth/auth.json". pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-set-skip-for-bundles: 2026/04/19 13:57:50 INFO Step was skipped due to when expressions were evaluated to false. pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-app-check: time="2026-04-19T13:57:50Z" level=info msg="certification library version" version="1.17.1 <commit: f7de82ae1c76e6c10ea94967d6b6a66f96248cbe>" time="2026-04-19T13:57:50Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 for platform amd64" time="2026-04-19T13:57:50Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2" time="2026-04-19T13:57:58Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-3041931381/fs/licenses: no such file or directory" check=HasLicense time="2026-04-19T13:57:58Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-04-19T13:57:58Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-04-19T13:57:58Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-04-19T13:57:58Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2026-04-19T13:57:58Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2026-04-19T13:57:58Z" level=info msg="USER 185 specified that is non-root" check=RunAsNonRoot time="2026-04-19T13:57:58Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2026-04-19T13:58:07Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-04-19T13:58:07Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2026-04-19T13:58:07Z" level=info msg="This image's tag on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 will be paired with digest sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.1", "commit": "f7de82ae1c76e6c10ea94967d6b6a66f96248cbe" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 35, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 8867, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 146, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } time="2026-04-19T13:58:07Z" level=info msg="Preflight result: FAILED" pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1776607087","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0}[retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 pod: test-comp-pac-gitlab-axhyxp9a38f83d8636c6ca87bb8a2e1af8eec9-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1776607087","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: test-comp-pac-gitlab-axhyxpbbbc9bb9fd165241236b845b7225a833-pod | init container: prepare 2026/04/19 13:56:44 Entrypoint initialization pod: test-comp-pac-gitlab-axhyxpbbbc9bb9fd165241236b845b7225a833-pod | container step-apply-additional-tags: time="2026-04-19T13:56:47Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2" time="2026-04-19T13:56:47Z" level=info msg="[param] digest: sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa" time="2026-04-19T13:56:47Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-19T13:56:48Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: test-comp-pac-gitlab-axhyxpf532a7dc04794b7ae334ed4148bcf871-pod | init container: prepare 2026/04/19 13:57:42 Entrypoint initialization pod: test-comp-pac-gitlab-axhyxpf532a7dc04794b7ae334ed4148bcf871-pod | init container: place-scripts 2026/04/19 13:57:43 Decoded script /tekton/scripts/script-0-kmmzj 2026/04/19 13:57:43 Decoded script /tekton/scripts/script-1-vm977 pod: test-comp-pac-gitlab-axhyxpf532a7dc04794b7ae334ed4148bcf871-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 44.601 sec (0 m 44 s) Start Date: 2026:04:19 13:58:01 End Date: 2026:04:19 13:58:46 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27975/Sat Apr 18 06:26:10 2026 Database version: 27975 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1776607126","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607126","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607126","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2", "digests": ["sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa"]}} pod: test-comp-pac-gitlab-axhyxpf532a7dc04794b7ae334ed4148bcf871-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp Attaching to quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Uploading 732589a20cc6 clamscan-result-amd64.log Uploading 32585a880790 clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 32585a880790 clamscan-ec-test-amd64.json Uploaded 732589a20cc6 clamscan-result-amd64.log Uploading 98f1dcbc1646 application/vnd.oci.image.manifest.v1+json Uploaded 98f1dcbc1646 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp:on-pr-6b9cafb5b333281f9bcc7367785e0b17ad4ca3d2@sha256:579b3888d3459c75ee05081412d0ad0cace947df03745963ec5124fd4a16e6fa Digest: sha256:98f1dcbc1646e245e591fa8913a9e19263c5a9915bd575288b534cb6dd2cf7d7 New PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k found after retrigger for component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k found for Component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: ResolvingTaskRef PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Running PipelineRun test-comp-pac-gitlab-axhyxp-on-pull-request-bph5k reason: Completed < Exit [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:148 @ 04/19/26 14:03:38.959 (11m32.513s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:38.959 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:38.959 (0s) > Enter [It] should have a related PaC init MR is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:153 @ 04/19/26 14:03:38.96 < Exit [It] should have a related PaC init MR is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:153 @ 04/19/26 14:03:39.666 (706ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:39.666 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:39.666 (0s) > Enter [It] the PipelineRun should eventually finish successfully for component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:172 @ 04/19/26 14:03:39.666 PipelineRun my-integration-test-home-486c4 found for Component gitlab-rep-ehhc/test-comp-pac-gitlab-axhyxp PipelineRun my-integration-test-home-486c4 reason: Running PipelineRun my-integration-test-home-486c4 reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully for component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:172 @ 04/19/26 14:03:59.688 (20.021s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.688 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.688 (0s) > Enter [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:179 @ 04/19/26 14:03:59.688 < Exit [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:179 @ 04/19/26 14:03:59.88 (191ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.88 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.88 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:183 @ 04/19/26 14:03:59.88 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:183 @ 04/19/26 14:03:59.888 (7ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.888 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.888 (0s) > Enter [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:188 @ 04/19/26 14:03:59.888 < Exit [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:188 @ 04/19/26 14:03:59.986 (98ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.987 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:03:59.987 (0s) > Enter [It] should find the Integration Test Scenario PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:194 @ 04/19/26 14:03:59.987 < Exit [It] should find the Integration Test Scenario PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:194 @ 04/19/26 14:04:00.077 (89ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.077 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.077 (0s) > Enter [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:207 @ 04/19/26 14:04:00.077 PipelineRun my-integration-test-home-486c4 reason: Succeeded PipelineRun my-integration-test-sbds-nxdz9 reason: Succeeded < Exit [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:207 @ 04/19/26 14:04:00.291 (213ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.291 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.291 (0s) > Enter [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:212 @ 04/19/26 14:04:00.291 < Exit [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:212 @ 04/19/26 14:04:00.465 (174ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.465 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.465 (0s) > Enter [It] eventually leads to the integration test PipelineRun's Pass status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:229 @ 04/19/26 14:04:00.466 < Exit [It] eventually leads to the integration test PipelineRun's Pass status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:229 @ 04/19/26 14:04:00.832 (366ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.832 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.832 (0s) > Enter [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:233 @ 04/19/26 14:04:00.833 < Exit [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:233 @ 04/19/26 14:04:00.98 (148ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.98 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:00.98 (0s) > Enter [It] eventually leads to the integration test PipelineRun's Fail status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:250 @ 04/19/26 14:04:00.981 < Exit [It] eventually leads to the integration test PipelineRun's Fail status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:250 @ 04/19/26 14:04:01.364 (383ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:01.364 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:01.364 (0s) > Enter [It] validates at least one MR note contains the final integration test result - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:254 @ 04/19/26 14:04:01.365 < Exit [It] validates at least one MR note contains the final integration test result - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:254 @ 04/19/26 14:04:01.612 (247ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:01.612 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:01.612 (0s) > Enter [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:278 @ 04/19/26 14:04:01.613 merged result sha: aa21dacba715d2abdabfe0c1e132aba96d1c791d for MR #17342 < Exit [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:278 @ 04/19/26 14:04:02.92 (1.307s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:02.92 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:02.92 (0s) > Enter [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:288 @ 04/19/26 14:04:02.921 < Exit [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:288 @ 04/19/26 14:04:02.937 (17ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:02.938 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:02.938 (0s) > Enter [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:303 @ 04/19/26 14:04:02.938 PipelineRun my-integration-test-home-486c4 reason: Succeeded PipelineRun my-integration-test-sbds-nxdz9 reason: Succeeded < Exit [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:303 @ 04/19/26 14:04:03.034 (96ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.034 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.034 (0s) > Enter [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:308 @ 04/19/26 14:04:03.034 < Exit [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it pass - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:308 @ 04/19/26 14:04:03.204 (169ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.204 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.204 (0s) > Enter [It] eventually leads to the integration test PipelineRun's Pass status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:325 @ 04/19/26 14:04:03.204 < Exit [It] eventually leads to the integration test PipelineRun's Pass status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:325 @ 04/19/26 14:04:03.551 (347ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.551 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.551 (0s) > Enter [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:329 @ 04/19/26 14:04:03.552 < Exit [It] validates the Integration test scenario PipelineRun is reported to merge request CommitStatus, and it fails - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:329 @ 04/19/26 14:04:03.753 (201ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.753 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:03.753 (0s) > Enter [It] eventually leads to the integration test PipelineRun's Fail status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:346 @ 04/19/26 14:04:03.754 < Exit [It] eventually leads to the integration test PipelineRun's Fail status reported at MR commit status - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:346 @ 04/19/26 14:04:04.122 (368ms) > Enter [AfterAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:94 @ 04/19/26 14:04:04.122 < Exit [AfterAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:94 @ 04/19/26 14:04:07.788 (3.666s) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:07.788 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/19/26 14:04:07.789 (0s) > Enter [BeforeAll] with happy path for general flow of Integration service - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:52 @ 04/19/26 13:50:24.37 Image repository for component test-component-pac-ixoxue in namespace integration1-rywh do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-component-pac-ixoxue in namespace integration1-rywh do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] with happy path for general flow of Integration service - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:52 @ 04/19/26 13:51:03.674 (39.304s) > Enter [It] triggers a build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:85 @ 04/19/26 13:51:03.674 no pipelinerun found for component test-component-pac-ixoxue (application: integ-app-zfwm, namespace: integration1-rywh)no pipelinerun found for component test-component-pac-ixoxue (application: integ-app-zfwm, namespace: integration1-rywh) < Exit [It] triggers a build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:85 @ 04/19/26 13:51:43.7 (40.025s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 13:51:43.7 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 13:51:43.7 (0s) > Enter [It] verifies if the build PipelineRun contains the finalizer - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:90 @ 04/19/26 13:51:43.7 < Exit [It] verifies if the build PipelineRun contains the finalizer - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:90 @ 04/19/26 13:51:43.795 (95ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 13:51:43.795 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 13:51:43.795 (0s) > Enter [It] waits for build PipelineRun to succeed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:101 @ 04/19/26 13:51:43.796 PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 found for Component integration1-rywh/test-component-pac-ixoxue PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun test-component-pac-ixoxue-on-pull-request-t6978 reason: Running PipelineRun my-integration-test-rlko-jvg2n reason: Succeeded < Exit [It] waits for build PipelineRun to succeed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:101 @ 04/19/26 14:01:23.817 (9m40.021s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:23.817 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:23.817 (0s) > Enter [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:107 @ 04/19/26 14:01:23.818 < Exit [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:107 @ 04/19/26 14:01:24.062 (244ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.062 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.062 (0s) > Enter [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:128 @ 04/19/26 14:01:24.063 < Exit [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:128 @ 04/19/26 14:01:24.081 (18ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.081 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.081 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:132 @ 04/19/26 14:01:24.081 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:132 @ 04/19/26 14:01:24.088 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.088 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.088 (0s) > Enter [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:137 @ 04/19/26 14:01:24.089 < Exit [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:137 @ 04/19/26 14:01:24.105 (16ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.105 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.105 (0s) > Enter [It] verifies that the finalizer has been removed from the build pipelinerun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:141 @ 04/19/26 14:01:24.105 < Exit [It] verifies that the finalizer has been removed from the build pipelinerun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:141 @ 04/19/26 14:01:24.114 (8ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.114 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.114 (0s) > Enter [It] checks if all of the integrationPipelineRuns passed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:154 @ 04/19/26 14:01:24.114 Integration test scenario my-integration-test-rlko is found PipelineRun my-integration-test-rlko-jvg2n reason: Succeeded < Exit [It] checks if all of the integrationPipelineRuns passed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:154 @ 04/19/26 14:01:24.127 (13ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.127 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.127 (0s) > Enter [It] checks if the passed status of integration test is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:158 @ 04/19/26 14:01:24.128 < Exit [It] checks if the passed status of integration test is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:158 @ 04/19/26 14:01:24.135 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.135 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.135 (0s) > Enter [It] checks if the skipped integration test is absent from the Snapshot's status annotation - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:173 @ 04/19/26 14:01:24.136 < Exit [It] checks if the skipped integration test is absent from the Snapshot's status annotation - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:173 @ 04/19/26 14:01:24.142 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.143 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.143 (0s) > Enter [It] checks if the finalizer was removed from all of the related Integration pipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:183 @ 04/19/26 14:01:24.143 Integration test scenario my-integration-test-rlko is found < Exit [It] checks if the finalizer was removed from all of the related Integration pipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:183 @ 04/19/26 14:01:24.155 (12ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.155 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.155 (0s) > Enter [It] creates a ReleasePlan - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:188 @ 04/19/26 14:01:24.156 IntegrationTestScenario my-integration-test-rlko is found IntegrationTestScenario skipped-its is found < Exit [It] creates a ReleasePlan - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:188 @ 04/19/26 14:01:24.221 (65ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.221 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.221 (0s) > Enter [It] creates an snapshot of push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:198 @ 04/19/26 14:01:24.222 < Exit [It] creates an snapshot of push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:198 @ 04/19/26 14:01:24.241 (19ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.241 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.241 (0s) > Enter [It] checks if the global candidate is updated after push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:205 @ 04/19/26 14:01:24.242 < Exit [It] checks if the global candidate is updated after push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:205 @ 04/19/26 14:01:24.254 (12ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.255 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:24.255 (0s) > Enter [It] checks if all of the integrationPipelineRuns created by push event passed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:218 @ 04/19/26 14:01:24.255 Integration test scenario my-integration-test-rlko is found PipelineRun my-integration-test-rlko-bqpk9 reason: PipelineRun my-integration-test-rlko-bqpk9 reason: Succeeded < Exit [It] checks if all of the integrationPipelineRuns created by push event passed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:218 @ 04/19/26 14:01:44.338 (20.082s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:44.338 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:44.338 (0s) > Enter [It] checks if a Release is created successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:222 @ 04/19/26 14:01:44.338 < Exit [It] checks if a Release is created successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:222 @ 04/19/26 14:01:44.346 (7ms) > Enter [AfterAll] with happy path for general flow of Integration service - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:68 @ 04/19/26 14:01:44.346 < Exit [AfterAll] with happy path for general flow of Integration service - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:68 @ 04/19/26 14:01:47.685 (3.34s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:47.686 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:01:47.686 (0s) > Enter [BeforeAll] with an integration test fail - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:234 @ 04/19/26 14:01:47.686 < Exit [BeforeAll] with an integration test fail - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:234 @ 04/19/26 14:02:00.389 (12.702s) > Enter [It] triggers a build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:266 @ 04/19/26 14:02:00.389 no pipelinerun found for component test-component-pac-aztgyh (application: integ-app-aikj, namespace: integration2-wnik)PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 found for Component integration2-wnik/test-component-pac-aztgyh PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: ResolvingTaskRef PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun test-component-pac-aztgyh-on-pull-request-s4mf4 reason: Running PipelineRun my-integration-test-yoai-tnqqf reason: Running PipelineRun my-integration-test-yoai-tnqqf reason: Succeeded < Exit [It] triggers a build PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:266 @ 04/19/26 14:07:00.494 (5m0.105s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.494 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.494 (0s) > Enter [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:273 @ 04/19/26 14:07:00.495 < Exit [It] should have a related PaC init PR created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:273 @ 04/19/26 14:07:00.743 (248ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.743 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.743 (0s) > Enter [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:292 @ 04/19/26 14:07:00.744 < Exit [It] checks if the BuildPipelineRun have the annotation of chains signed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:292 @ 04/19/26 14:07:00.76 (16ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.76 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.761 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:296 @ 04/19/26 14:07:00.761 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:296 @ 04/19/26 14:07:00.768 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.768 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.768 (0s) > Enter [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:301 @ 04/19/26 14:07:00.769 < Exit [It] checks if the Build PipelineRun got annotated with Snapshot name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:301 @ 04/19/26 14:07:00.786 (17ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.786 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.786 (0s) > Enter [It] checks if all of the integrationPipelineRuns finished - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:305 @ 04/19/26 14:07:00.787 Integration test scenario my-integration-test-yoai is found PipelineRun my-integration-test-yoai-tnqqf reason: Succeeded < Exit [It] checks if all of the integrationPipelineRuns finished - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:305 @ 04/19/26 14:07:00.799 (12ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.8 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.8 (0s) > Enter [It] checks if the failed status of integration test is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:309 @ 04/19/26 14:07:00.8 < Exit [It] checks if the failed status of integration test is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:309 @ 04/19/26 14:07:00.81 (9ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.81 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.81 (0s) > Enter [It] checks if the skipped integration test is absent from the Snapshot's status annotation - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:324 @ 04/19/26 14:07:00.81 < Exit [It] checks if the skipped integration test is absent from the Snapshot's status annotation - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:324 @ 04/19/26 14:07:00.818 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.818 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.818 (0s) > Enter [It] checks if snapshot is marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:334 @ 04/19/26 14:07:00.819 < Exit [It] checks if snapshot is marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:334 @ 04/19/26 14:07:00.826 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.826 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.826 (0s) > Enter [It] checks if the finalizer was removed from all of the related Integration pipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:340 @ 04/19/26 14:07:00.826 Integration test scenario my-integration-test-yoai is found < Exit [It] checks if the finalizer was removed from all of the related Integration pipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:340 @ 04/19/26 14:07:00.902 (75ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.902 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.902 (0s) > Enter [It] creates a new IntegrationTestScenario - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:344 @ 04/19/26 14:07:00.903 < Exit [It] creates a new IntegrationTestScenario - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:344 @ 04/19/26 14:07:00.968 (66ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.969 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.969 (0s) > Enter [It] updates the Snapshot with the re-run label for the new scenario - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:349 @ 04/19/26 14:07:00.969 < Exit [It] updates the Snapshot with the re-run label for the new scenario - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:349 @ 04/19/26 14:07:00.998 (29ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.998 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:00.998 (0s) > Enter [It] checks if the new integration pipelineRun started - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:358 @ 04/19/26 14:07:00.999 PipelineRun has not been created yet for test scenario %s and snapshot %s/%s my-integration-test-zxmc integration2-wnik integ-app-aikj-20260419-140208-000 < Exit [It] checks if the new integration pipelineRun started - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:358 @ 04/19/26 14:07:21.032 (20.034s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.032 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.032 (0s) > Enter [It] checks if the re-run label was removed from the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:364 @ 04/19/26 14:07:21.033 < Exit [It] checks if the re-run label was removed from the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:364 @ 04/19/26 14:07:21.04 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.04 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.04 (0s) > Enter [It] checks if all integration pipelineRuns finished successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:378 @ 04/19/26 14:07:21.04 Integration test scenario my-integration-test-yoai is found PipelineRun my-integration-test-yoai-tnqqf reason: Succeeded Integration test scenario my-integration-test-zxmc is found PipelineRun my-integration-test-zxmc-slfrw reason: Succeeded < Exit [It] checks if all integration pipelineRuns finished successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:378 @ 04/19/26 14:07:21.06 (20ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.06 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.06 (0s) > Enter [It] checks if the name of the re-triggered pipelinerun is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:382 @ 04/19/26 14:07:21.061 < Exit [It] checks if the name of the re-triggered pipelinerun is reported in the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:382 @ 04/19/26 14:07:21.126 (65ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.126 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.126 (0s) > Enter [It] checks if snapshot is still marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:399 @ 04/19/26 14:07:21.126 < Exit [It] checks if snapshot is still marked as failed - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:399 @ 04/19/26 14:07:21.134 (7ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.134 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.134 (0s) > Enter [It] creates an snapshot of push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:406 @ 04/19/26 14:07:21.134 < Exit [It] creates an snapshot of push event - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:406 @ 04/19/26 14:07:21.16 (26ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.16 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:21.16 (0s) > Enter [It] checks no Release CRs are created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:413 @ 04/19/26 14:07:21.161 < Exit [It] checks no Release CRs are created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:413 @ 04/19/26 14:07:21.168 (7ms) > Enter [AfterAll] with an integration test fail - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:250 @ 04/19/26 14:07:21.168 < Exit [AfterAll] with an integration test fail - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:250 @ 04/19/26 14:07:25.26 (4.092s) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:25.26 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/integration.go:49 @ 04/19/26 14:07:25.26 (0s) > Enter [BeforeAll] test pac with multiple components using same repository - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:40 @ 04/19/26 13:50:24.373 < Exit [BeforeAll] test pac with multiple components using same repository - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:40 @ 04/19/26 13:50:28.998 (4.625s) > Enter [It] creates component with context directory go-component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:106 @ 04/19/26 13:50:28.998 Image repository for component go-component-rlpywd in namespace build-e2e-wtjb do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-rlpywd in namespace build-e2e-wtjb do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-rlpywd in namespace build-e2e-wtjb do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with context directory go-component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:106 @ 04/19/26 13:51:09.274 (40.275s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:51:09.274 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:51:09.274 (0s) > Enter [It] triggers a PipelineRun for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:125 @ 04/19/26 13:51:09.274 PipelineRun has not been created yet for the component build-e2e-wtjb/go-component-rlpywd PipelineRun has not been created yet for the component build-e2e-wtjb/go-component-rlpywd PipelineRun has not been created yet for the component build-e2e-wtjb/go-component-rlpywd PipelineRun has not been created yet for the component build-e2e-wtjb/go-component-rlpywd < Exit [It] triggers a PipelineRun for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:125 @ 04/19/26 13:52:29.34 (1m20.065s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:52:29.34 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:52:29.34 (0s) > Enter [It] should lead to a PaC PR creation for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:140 @ 04/19/26 13:52:29.341 < Exit [It] should lead to a PaC PR creation for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:140 @ 04/19/26 13:52:29.714 (374ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:52:29.714 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 13:52:29.714 (0s) > Enter [It] the PipelineRun should eventually finish successfully for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:159 @ 04/19/26 13:52:29.715 PipelineRun go-component-rlpywd-on-pull-request-4bgs8 found for Component build-e2e-wtjb/go-component-rlpywd PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Running PipelineRun go-component-rlpywd-on-pull-request-4bgs8 reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for component go-component-rlpywd - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:159 @ 04/19/26 14:00:49.736 (8m20.022s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:00:49.737 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:00:49.737 (0s) > Enter [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:164 @ 04/19/26 14:00:49.737 merged result sha: 64cb2bed56e4dedee4e8b7c0aa9f71fb6cb7726c for PR #32444 < Exit [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:164 @ 04/19/26 14:00:51.365 (1.628s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:00:51.366 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:00:51.366 (0s) > Enter [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:174 @ 04/19/26 14:00:51.366 Push PipelineRun has not been created yet for the component build-e2e-wtjb/go-component-rlpywd < Exit [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:174 @ 04/19/26 14:01:11.39 (20.024s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:11.39 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:11.39 (0s) > Enter [It] creates component with context directory python-component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:106 @ 04/19/26 14:01:11.391 < Exit [It] creates component with context directory python-component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:106 @ 04/19/26 14:01:21.445 (10.054s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:21.445 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:21.445 (0s) > Enter [It] triggers a PipelineRun for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:125 @ 04/19/26 14:01:21.446 PipelineRun has not been created yet for the component build-e2e-wtjb/python-component-ioyxjl < Exit [It] triggers a PipelineRun for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:125 @ 04/19/26 14:01:41.465 (20.019s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:41.465 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:41.465 (0s) > Enter [It] should lead to a PaC PR creation for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:140 @ 04/19/26 14:01:41.466 < Exit [It] should lead to a PaC PR creation for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:140 @ 04/19/26 14:01:41.771 (306ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:41.772 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:01:41.772 (0s) > Enter [It] the PipelineRun should eventually finish successfully for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:159 @ 04/19/26 14:01:41.772 PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 found for Component build-e2e-wtjb/python-component-ioyxjl PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Running PipelineRun python-component-ioyxjl-on-pull-request-9gxj5 reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for component python-component-ioyxjl - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:159 @ 04/19/26 14:07:01.791 (5m20.019s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:01.791 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:01.791 (0s) > Enter [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:164 @ 04/19/26 14:07:01.792 merged result sha: dce24a3a7721f8144f201e13dd35786b8f9538ea for PR #32445 < Exit [It] merging the PR should be successful - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:164 @ 04/19/26 14:07:03.385 (1.593s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:03.385 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:03.385 (0s) > Enter [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:174 @ 04/19/26 14:07:03.385 Push PipelineRun has not been created yet for the component build-e2e-wtjb/python-component-ioyxjl < Exit [It] leads to triggering on push PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:174 @ 04/19/26 14:07:23.472 (20.086s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:23.472 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:23.472 (0s) > Enter [It] only one component is changed - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:190 @ 04/19/26 14:07:23.472 PR #32446 got created with sha 80bfb42555fec4d2a6a785b366037a29c6c47f8e < Exit [It] only one component is changed - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:190 @ 04/19/26 14:07:26.13 (2.658s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:26.131 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:26.131 (0s) > Enter [It] only related pipelinerun should be triggered - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:205 @ 04/19/26 14:07:26.131 on pull PiplelineRun has not been created yet for the PR < Exit [It] only related pipelinerun should be triggered - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:205 @ 04/19/26 14:07:46.152 (20.021s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:46.153 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:07:46.153 (0s) > Enter [BeforeAll] when a components is created with same git url in different namespace - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:223 @ 04/19/26 14:07:46.153 < Exit [BeforeAll] when a components is created with same git url in different namespace - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:223 @ 04/19/26 14:07:57.867 (11.714s) > Enter [It] should fail to configure PaC for the component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:264 @ 04/19/26 14:07:57.868 build status annotation value: {"pac":{"state":"error","error-id":53,"error-message":"53: Git repository is already handled by Pipelines as Code"},"message":"done"} build status: &{State:error MergeUrl: ConfigurationTime: ErrorInfo:{ErrId:53 ErrMessage:53: Git repository is already handled by Pipelines as Code}} < Exit [It] should fail to configure PaC for the component - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:264 @ 04/19/26 14:07:57.875 (8ms) > Enter [AfterAll] when a components is created with same git url in different namespace - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:253 @ 04/19/26 14:07:57.875 < Exit [AfterAll] when a components is created with same git url in different namespace - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:253 @ 04/19/26 14:07:57.997 (122ms) > Enter [AfterAll] test pac with multiple components using same repository - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:68 @ 04/19/26 14:07:57.997 < Exit [AfterAll] test pac with multiple components using same repository - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:68 @ 04/19/26 14:08:03.963 (5.966s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:08:03.963 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/multi_component.go:28 @ 04/19/26 14:08:03.963 (0s) > Enter [BeforeAll] HACBS pipelines - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:237 @ 04/19/26 13:50:24.372 "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776606630-gpyr -> user: redhat-appstudio-qe+redhat_appstudio_quality" Image repository for component test-comp-iwsw in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-iwsw in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-iwsw in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Created component for scenario sample-python-basic-oci: component: test-comp-iwsw, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-kubfzl, pacBranchName: konflux-test-comp-iwsw "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776606672-meot -> user: redhat-appstudio-qe+redhat_appstudio_quality" Image repository for component test-comp-yssu in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-comp-yssu in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Created component for scenario sample-python-basic-oci: component: test-comp-yssu, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-zzyuef, pacBranchName: konflux-test-comp-yssu "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776606705-incg -> user: redhat-appstudio-qe+redhat_appstudio_quality" Image repository for component test-comp-lskn in namespace build-e2e-kzwe do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Created component for scenario sample-python-basic-oci: component: test-comp-lskn, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-qildeb, pacBranchName: konflux-test-comp-lskn Created component for scenario sample-python-basic-oci: component: test-symlink-comp-fbve, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-jgidmp, pacBranchName: konflux-test-symlink-comp-fbve < Exit [BeforeAll] HACBS pipelines - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:237 @ 04/19/26 13:52:17.735 (1m53.363s) > Enter [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-fbve - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:325 @ 04/19/26 13:52:17.736 PipelineRun has not been created yet for Component build-e2e-kzwe/test-symlink-comp-fbve PipelineRun has not been created yet for Component build-e2e-kzwe/test-symlink-comp-fbve < Exit [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-fbve - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:325 @ 04/19/26 13:52:57.973 (40.237s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:57.973 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:57.973 (0s) > Enter [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:57.974 < Exit [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:58.057 (84ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.057 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.057 (0s) > Enter [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:58.058 < Exit [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:58.156 (98ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.156 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.156 (0s) > Enter [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:58.157 < Exit [It] scenario sample-python-basic-oci triggers PipelineRun for component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:338 @ 04/19/26 13:52:58.248 (91ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.248 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 13:52:58.248 (0s) > Enter [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 13:52:58.249 PipelineRun test-comp-lskn-on-pull-request-6vp5r found for Component build-e2e-kzwe/test-comp-lskn PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Running PipelineRun test-comp-lskn-on-pull-request-6vp5r reason: Succeeded < Exit [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 14:01:38.279 (8m40.03s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.279 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.279 (0s) > Enter [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:01:38.28 [SKIPPED] Skipping DockerBuildOciTAMin build, which does not push Dockerfile to registry In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:369 @ 04/19/26 14:01:38.28 < Exit [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:01:38.28 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.28 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.28 (0s) > Enter [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:01:38.28 [SKIPPED] floating tag validation is not needed for: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:380 @ 04/19/26 14:01:38.28 < Exit [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:01:38.28 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.28 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.28 (0s) > Enter [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:01:38.281 < Exit [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:01:38.624 (344ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.625 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.625 (0s) > Enter [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:01:38.625 This is DockerBuildOciTAMin build, which does not require source container build. [SKIPPED] Skiping DockerBuildOciTAMin build test-comp-lskn-on-pull-request-6vp5r In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:433 @ 04/19/26 14:01:38.638 < Exit [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:01:38.638 (13ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.638 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.638 (0s) > Enter [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:01:38.639 < Exit [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:01:38.738 (99ms) > Enter [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:01:38.738 records for PipelineRun test-comp-lskn-on-pull-request-6vp5r: &{[{build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/adf72067-289e-483d-ac2e-ab5c88f9f3ec 0aaa3c3e-cbde-483d-b5ad-6908f19a01d8 0aaa3c3e-cbde-483d-b5ad-6908f19a01d8} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/93089984-1ff9-4236-8f0b-b478c4806919 3413539e-da90-4c5b-affe-aedd92d4f88e 3413539e-da90-4c5b-affe-aedd92d4f88e} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/2f7df007-8020-4d63-bc75-c1a7c5ca3f35 4398becf-1b74-4008-b21e-9176256b7c0d 4398becf-1b74-4008-b21e-9176256b7c0d} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/07e5d634-cc74-405b-867b-ad962bfd58b0 5321e3a5-13e2-4396-90b3-7ca51af3328e 5321e3a5-13e2-4396-90b3-7ca51af3328e} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/be57db25-5995-4a40-bdc0-46954133e963 55c52d23-d6bc-412b-9f34-54ab47f1ef45 55c52d23-d6bc-412b-9f34-54ab47f1ef45} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/011bf613-b358-4d62-b4a1-702c2564293b 5923ef46-43df-41a6-843a-3a283a4998b4 5923ef46-43df-41a6-843a-3a283a4998b4} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/d50f39fd-6233-475a-898f-7f3968e2104d 87b50412-b7c4-4371-8509-2f4824b163a9 87b50412-b7c4-4371-8509-2f4824b163a9} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/776658d4-5533-4a92-b9f8-b679e37736ae da819d30-96cf-4330-986a-eac04850db2d da819d30-96cf-4330-986a-eac04850db2d} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/0b8edf28-f1f8-4a2c-b293-52b9d1c2acf5 eef95652-5957-4a4b-aad4-bd1039fc6b0b eef95652-5957-4a4b-aad4-bd1039fc6b0b} {build-e2e-kzwe/results/b599ba39-f6b4-4448-832d-a8b64e99e8e3/records/d877b2df-442a-4a75-8b1c-f2444ed1d64f f06b6b2e-8c38-49c9-bc2d-acefdb6df617 f06b6b2e-8c38-49c9-bc2d-acefdb6df617}]} < Exit [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:01:38.854 (116ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.854 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.854 (0s) > Enter [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:01:38.855 < Exit [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:01:38.886 (31ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.886 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.886 (0s) > Enter [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:01:38.887 < Exit [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:01:38.896 (10ms) > Enter [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:01:38.896 [SKIPPED] Hermetic build is not enabled, skipping the test In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:663 @ 04/19/26 14:01:38.897 < Exit [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:01:38.897 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.897 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:01:38.897 (0s) > Enter [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 14:01:38.897 PipelineRun test-comp-iwsw-on-pull-request-cqm7h found for Component build-e2e-kzwe/test-comp-iwsw PipelineRun test-comp-iwsw-on-pull-request-cqm7h reason: Failed attempt 1/3: PipelineRun "test-comp-iwsw-on-pull-request-cqm7h" failed: pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | init container: prepare 2026/04/19 13:54:50 Entrypoint initialization pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | init container: place-scripts 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-0-nxkvr 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-1-zkwr4 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-2-ztl7r 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-3-kcb2t 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-4-shhxd 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-5-knjv9 pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e The media type of the OCI artifact is application/vnd.oci.image.manifest.v1+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Auth json written to "/auth/auth.json". pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-set-skip-for-bundles: 2026/04/19 13:56:50 INFO Step was skipped due to when expressions were evaluated to false. pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-app-check: time="2026-04-19T13:56:51Z" level=info msg="certification library version" version="1.17.1 <commit: f7de82ae1c76e6c10ea94967d6b6a66f96248cbe>" time="2026-04-19T13:56:51Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e for platform amd64" time="2026-04-19T13:56:51Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e" time="2026-04-19T13:56:56Z" level=error msg="could not get rpm list, continuing without it" error="could not find rpm db/packages: stat /tmp/preflight-2698635784/fs/usr/lib/sysimage/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-2698635784/fs/var/lib/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-2698635784/fs/var/lib/rpm/Packages: no such file or directory" time="2026-04-19T13:56:56Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-2698635784/fs/licenses: no such file or directory" check=HasLicense time="2026-04-19T13:56:56Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-04-19T13:56:56Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-04-19T13:56:56Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-04-19T13:56:56Z" level=info msg="check completed" check=HasNoProhibitedPackages err="unable to get a list of all packages in the image: could not get rpm list: could not find rpm db/packages: stat /tmp/preflight-2698635784/fs/usr/lib/sysimage/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-2698635784/fs/var/lib/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-2698635784/fs/var/lib/rpm/Packages: no such file or directory" result=ERROR time="2026-04-19T13:56:56Z" level=info msg="check completed" check=HasRequiredLabel result=FAILED time="2026-04-19T13:56:56Z" level=info msg="detected empty USER. Presumed to be running as root" check=RunAsNonRoot time="2026-04-19T13:56:56Z" level=info msg="USER value must be provided and be a non-root value for this check to pass" check=RunAsNonRoot time="2026-04-19T13:56:56Z" level=info msg="check completed" check=RunAsNonRoot result=FAILED time="2026-04-19T13:57:01Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-04-19T13:57:01Z" level=info msg="check completed" check=BasedOnUbi result=FAILED time="2026-04-19T13:57:01Z" level=info msg="This image's tag on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e will be paired with digest sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.1", "commit": "f7de82ae1c76e6c10ea94967d6b6a66f96248cbe" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasModifiedFiles", "elapsed_time": 4426, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata", "help": "Check HasRequiredLabel encountered an error. Please review the preflight.log file for more information.", "suggestion": "Add the following labels to your Dockerfile or Containerfile: name, vendor, version, release, summary, description, maintainer.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication", "help": "Check RunAsNonRoot encountered an error. Please review the preflight.log file for more information.", "suggestion": "Indicate a specific USER in the dockerfile or containerfile", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "BasedOnUbi", "elapsed_time": 404, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)", "help": "Check BasedOnUbi encountered an error. Please review the preflight.log file for more information.", "suggestion": "Change the FROM directive in your Dockerfile or Containerfile, for the latest list of images and details refer to: https://catalog.redhat.com/software/base-images", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [ { "name": "HasNoProhibitedPackages", "elapsed_time": 0, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages.", "help": "Check HasNoProhibitedPackages encountered an error. Please review the preflight.log file for more information." } ] } } time="2026-04-19T13:57:01Z" level=info msg="Preflight result: FAILED" pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-app-set-outcome: {"result":"ERROR","timestamp":"1776607021","note":"Task preflight is a ERROR: Refer to Tekton task logs for more information","successes":3,"failures":4,"warnings":0}[retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e pod: test-comp-iwsw-on-pull-requ54bccf7c5d7974d43404e79366fafcb9-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"ERROR","timestamp":"1776607021","note":"Task preflight is a ERROR: Refer to Tekton task logs for more information","successes":3,"failures":4,"warnings":0} pod: test-comp-iwsw-on-pull-request-cqm7h-apply-tags-pod | init container: prepare 2026/04/19 13:54:50 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-apply-tags-pod | container step-apply-additional-tags: time="2026-04-19T13:54:53Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e" time="2026-04-19T13:54:53Z" level=info msg="[param] digest: sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6" time="2026-04-19T13:54:53Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-19T13:54:54Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | init container: prepare 2026/04/19 13:53:06 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | init container: place-scripts 2026/04/19 13:53:07 Decoded script /tekton/scripts/script-0-hbpsf 2026/04/19 13:53:07 Decoded script /tekton/scripts/script-1-4wbww 2026/04/19 13:53:07 Decoded script /tekton/scripts/script-2-c7glj 2026/04/19 13:53:07 Decoded script /tekton/scripts/script-3-gsg96 2026/04/19 13:53:07 Decoded script /tekton/scripts/script-4-fwz85 pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | init container: working-dir-initializer pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | container step-build: [2026-04-19T13:53:12,317040219+00:00] Validate context path [2026-04-19T13:53:12,320681271+00:00] Update CA trust [2026-04-19T13:53:12,322019999+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:53:14,540991839+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-19T13:53:14,548074635+00:00] Prepare system (architecture: x86_64) [2026-04-19T13:53:14,658762091+00:00] Setup prefetched Trying to pull quay.io/devfile/python:slim... Getting image source signatures Copying blob sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61 Copying blob sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb Copying blob sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec Copying blob sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a Copying blob sha256:30fb943195a7f7cee90a9c67461c338d1d76a7004d2f94792b774ef71d875a02 Copying config sha256:04f51101c1b979fb8a45a5332bfa8ed2c60f613ea396c3edd40f3d91702b24ef Writing manifest to image destination [2026-04-19T13:53:33,033658287+00:00] Unsetting proxy { "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "d2388fe1871d355bc27342e92fa9ff21797dba3e", "org.opencontainers.image.revision": "d2388fe1871d355bc27342e92fa9ff21797dba3e", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/devfile-sample-python-basic", "quay.expires-after": "6h", "build-date": "2026-04-19T13:53:14Z", "org.opencontainers.image.created": "2026-04-19T13:53:14Z", "io.buildah.version": "1.42.2" } [2026-04-19T13:53:33,096318114+00:00] Register sub-man Adding the entitlement to the build [2026-04-19T13:53:33,100848492+00:00] Add secrets [2026-04-19T13:53:33,110667699+00:00] Run buildah build [2026-04-19T13:53:33,112201129+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=d2388fe1871d355bc27342e92fa9ff21797dba3e --label org.opencontainers.image.revision=d2388fe1871d355bc27342e92fa9ff21797dba3e --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-python-basic --label quay.expires-after=6h --label build-date=2026-04-19T13:53:14Z --label org.opencontainers.image.created=2026-04-19T13:53:14Z --annotation org.opencontainers.image.revision=d2388fe1871d355bc27342e92fa9ff21797dba3e --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-python-basic --annotation org.opencontainers.image.created=2026-04-19T13:53:14Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.nvUrdO -t quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e . STEP 1/11: FROM quay.io/devfile/python:slim STEP 2/11: EXPOSE 8081/tcp STEP 3/11: ENV FLASK_PORT=8081 STEP 4/11: WORKDIR /projects STEP 5/11: COPY requirements.txt . STEP 6/11: RUN pip install -r requirements.txt Collecting Flask==2.1.0 Downloading Flask-2.1.0-py3-none-any.whl (95 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 95.2/95.2 kB 22.7 MB/s eta 0:00:00 Collecting Werkzeug>=2.0 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 226.5/226.5 kB 94.6 MB/s eta 0:00:00 Collecting Jinja2>=3.0 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 134.9/134.9 kB 96.5 MB/s eta 0:00:00 Collecting itsdangerous>=2.0 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting click>=8.0 Downloading click-8.3.2-py3-none-any.whl (108 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 108.4/108.4 kB 71.0 MB/s eta 0:00:00 Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB) Installing collected packages: MarkupSafe, itsdangerous, click, Werkzeug, Jinja2, Flask Successfully installed Flask-2.1.0 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 click-8.3.2 itsdangerous-2.2.0 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv [notice] A new release of pip available: 22.3.1 -> 26.0.1 [notice] To update, run: pip install --upgrade pip STEP 7/11: COPY . . STEP 8/11: CMD [ "python", "./app.py" ] STEP 9/11: COPY labels.json /usr/share/buildinfo/labels.json STEP 10/11: COPY labels.json /root/buildinfo/labels.json STEP 11/11: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="d2388fe1871d355bc27342e92fa9ff21797dba3e" "org.opencontainers.image.revision"="d2388fe1871d355bc27342e92fa9ff21797dba3e" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/devfile-sample-python-basic" "quay.expires-after"="6h" "build-date"="2026-04-19T13:53:14Z" "org.opencontainers.image.created"="2026-04-19T13:53:14Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e --> a9cb738a84c6 Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e a9cb738a84c62f7fd16213bb35e2d674152e86320a80c133f85257194e821bf8 [2026-04-19T13:53:37,618007623+00:00] Unsetting proxy [2026-04-19T13:53:37,619921405+00:00] Add metadata Recording base image digests used quay.io/devfile/python:slim quay.io/devfile/python:slim@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c Getting image source signatures Copying blob sha256:a47feb245a29b23fa654ddd0be06af9fe75cd7f7000b5fd8ddf733bc64cafdc4 Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying config sha256:a9cb738a84c62f7fd16213bb35e2d674152e86320a80c133f85257194e821bf8 Writing manifest to image destination [2026-04-19T13:53:39,648636387+00:00] End build pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | container step-push: [2026-04-19T13:53:39,685217185+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:53:42,054421586+00:00] Convert image [2026-04-19T13:53:42,055481099+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:test-comp-iwsw-on-pull-request-cqm7h-build-container [retry] executing: buildah push --format=oci --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:test-comp-iwsw-on-pull-request-cqm7h-build-container Getting image source signatures Copying blob sha256:a47feb245a29b23fa654ddd0be06af9fe75cd7f7000b5fd8ddf733bc64cafdc4 Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying config sha256:a9cb738a84c62f7fd16213bb35e2d674152e86320a80c133f85257194e821bf8 Writing manifest to image destination [2026-04-19T13:54:00,755871956+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e [retry] executing: buildah push --format=oci --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Getting image source signatures Copying blob sha256:a47feb245a29b23fa654ddd0be06af9fe75cd7f7000b5fd8ddf733bc64cafdc4 Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying config sha256:a9cb738a84c62f7fd16213bb35e2d674152e86320a80c133f85257194e821bf8 Writing manifest to image destination sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-19T13:54:02,474672664+00:00] End push pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | container step-sbom-syft-generate: [2026-04-19T13:54:03,019854456+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-19T13:54:09,973909069+00:00] End sbom-syft-generate pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | container step-prepare-sboms: [2026-04-19T13:54:10,285918298+00:00] Prepare SBOM [2026-04-19T13:54:10,289678842+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-19 13:54:11,416 [INFO] mobster.log: Logging level set to 20 2026-04-19 13:54:11,495 [INFO] mobster.oci: Fetching manifest for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c 2026-04-19 13:54:12,161 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:12,348 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:12,767 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:12,983 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:13,394 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:13,616 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:14,174 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:14,405 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:14,405 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-19 13:54:14,405 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-19 13:54:14,406 [INFO] mobster.log: Contextual workflow completed in 2.92s 2026-04-19 13:54:14,436 [INFO] mobster.main: Exiting with code 0. [2026-04-19T13:54:14,540496468+00:00] End prepare-sboms pod: test-comp-iwsw-on-pull-request-cqm7h-build-container-pod | container step-upload-sbom: [2026-04-19T13:54:14,559128771+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key <key path>'. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6] to [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:sha256-adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:4d01863e146fd57434de1e09fe5610192c6dff42237b5a3383e6fd70f6d60a25 [2026-04-19T13:54:18,969918730+00:00] End upload-sbom pod: test-comp-iwsw-on-pull-request-cqm7h-build-image-index-pod | init container: prepare 2026/04/19 13:54:22 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-build-image-index-pod | init container: place-scripts 2026/04/19 13:54:22 Decoded script /tekton/scripts/script-0-4bcgr 2026/04/19 13:54:22 Decoded script /tekton/scripts/script-1-jd4wh 2026/04/19 13:54:22 Decoded script /tekton/scripts/script-2-vj998 pod: test-comp-iwsw-on-pull-request-cqm7h-build-image-index-pod | container step-build: [2026-04-19T13:54:43,397266812+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-19T13:54:45Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e" time="2026-04-19T13:54:45Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6]" time="2026-04-19T13:54:45Z" level=info msg="[param] buildah-format: oci" time="2026-04-19T13:54:45Z" level=info msg="[param] always-build-index: false" time="2026-04-19T13:54:45Z" level=info msg="[param] additional-tags: [test-comp-iwsw-on-pull-request-cqm7h-build-image-index]" time="2026-04-19T13:54:45Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-19T13:54:45Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-19T13:54:45Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-19T13:54:45Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:54:45Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-19T13:54:45Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e" time="2026-04-19T13:54:45Z" level=info msg="buildah [stdout] a8a337e0fdf5d714bf16d03fa5bce190ccd7a7f992cdf28de1bdfd54341dd495" logger=CliExecutor time="2026-04-19T13:54:45Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6","image_url":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6","images":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6"} pod: test-comp-iwsw-on-pull-request-cqm7h-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: test-comp-iwsw-on-pull-request-cqm7h-build-image-index-pod | container step-upload-sbom: [2026-04-19T13:54:45,556263789+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | init container: prepare 2026/04/19 13:54:50 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | init container: place-scripts 2026/04/19 13:54:50 Decoded script /tekton/scripts/script-0-qqrx2 2026/04/19 13:54:50 Decoded script /tekton/scripts/script-1-cx9qm 2026/04/19 13:54:50 Decoded script /tekton/scripts/script-2-nmzkk 2026/04/19 13:54:50 Decoded script /tekton/scripts/script-3-wtkrc pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6. pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... �[90m2026-04-19T13:58:57Z�[0m �[32mINF�[0m �[1mmatchers created�[0m �[36mcomponent=�[0mlibvuln/New �[36mmatchers=�[0m[{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"}] �[90m2026-04-19T13:58:57Z�[0m �[32mINF�[0m �[1mlibvuln initialized�[0m �[36mcomponent=�[0mlibvuln/New �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mregistered configured scanners�[0m �[36mcomponent=�[0mlibindex/New �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mNewLayerScanner: constructing a new layer-scanner�[0m �[36mcomponent=�[0mindexer.NewLayerScanner �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mindex request start�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mstarting scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mmanifest to be scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mCheckManifest �[90m2026-04-19T13:58:58Z�[0m �[32mINF�[0m �[1mlayers fetch start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mlayers fetch success�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mlayers fetch done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mlayers scan start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mScanLayers �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mlayers scan done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mScanLayers �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mstarting index manifest�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mIndexManifest �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mfinishing scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:58:59Z�[0m �[32mINF�[0m �[1mmanifest successfully scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:59:00Z�[0m �[32mINF�[0m �[1mindex request done�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 { "manifest_hash": "sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6", "packages": { "+GDQTbek1zYvATiVR/wBCA==": { "id": "+GDQTbek1zYvATiVR/wBCA==", "name": "gzip", "version": "1.10-4+deb11u1", "kind": "binary", "source": { "id": "", "name": "gzip", "version": "1.10-4+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "+aaqENN9U+Kuxcb1tQ8Utg==": { "id": "+aaqENN9U+Kuxcb1tQ8Utg==", "name": "netbase", "version": "6.3", "kind": "binary", "source": { "id": "", "name": "netbase", "version": "6.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "+ol9cHiNc+RWiD7Kw3TLCg==": { "id": "+ol9cHiNc+RWiD7Kw3TLCg==", "name": "libcom-err2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "05vApGRmP6ko1S0ji87IIQ==": { "id": "05vApGRmP6ko1S0ji87IIQ==", "name": "libunistring2", "version": "0.9.10-4", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "0jMyX7UCIuSpntMN1r7Ofg==": { "id": "0jMyX7UCIuSpntMN1r7Ofg==", "name": "libzstd1", "version": "1.4.8+dfsg-2.1", "kind": "binary", "source": { "id": "", "name": "libzstd", "version": "1.4.8+dfsg-2.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "1jyJPCL93kiEbfmNKeyz3g==": { "id": "1jyJPCL93kiEbfmNKeyz3g==", "name": "jinja2", "version": "3.1.6", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.6.0.0.0.0.0.0", "cpe": "" }, "2MObxiEVNllmUEzdVZM5qw==": { "id": "2MObxiEVNllmUEzdVZM5qw==", "name": "apt", "version": "2.2.4", "kind": "binary", "source": { "id": "", "name": "apt", "version": "2.2.4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "3f992oeEQfSQxRA0nlq8Wg==": { "id": "3f992oeEQfSQxRA0nlq8Wg==", "name": "libgcrypt20", "version": "1.8.7-6", "kind": "binary", "source": { "id": "", "name": "libgcrypt20", "version": "1.8.7-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "4672uZtn8TnHDEzWVyhfjw==": { "id": "4672uZtn8TnHDEzWVyhfjw==", "name": "base-files", "version": "11.1+deb11u5", "kind": "binary", "source": { "id": "", "name": "base-files", "version": "11.1+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "4jCPzhS6OWt4agz9d/cfTw==": { "id": "4jCPzhS6OWt4agz9d/cfTw==", "name": "ncurses-base", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "5zxxTA220k9gPCegfDHkag==": { "id": "5zxxTA220k9gPCegfDHkag==", "name": "libgmp10", "version": "2:6.2.1+dfsg-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "2:6.2.1+dfsg-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "7a3yla6TRFZrhmAreU7f8Q==": { "id": "7a3yla6TRFZrhmAreU7f8Q==", "name": "libexpat1", "version": "2.2.10-2+deb11u5", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.2.10-2+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "8alfBYUr5uWbAyB5PrY8Hg==": { "id": "8alfBYUr5uWbAyB5PrY8Hg==", "name": "libudev1", "version": "247.3-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "247.3-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "9snKXrH4dQy2IXHQ01Lg0A==": { "id": "9snKXrH4dQy2IXHQ01Lg0A==", "name": "libaudit1", "version": "1:3.0-2", "kind": "binary", "source": { "id": "", "name": "audit", "version": "1:3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "Akbft1KN+9FKNhh1tM25eA==": { "id": "Akbft1KN+9FKNhh1tM25eA==", "name": "mount", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "BJL42acLPAR8bEnmM1Z3mg==": { "id": "BJL42acLPAR8bEnmM1Z3mg==", "name": "libblkid1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "CBzoMmlXBcyP54HOnauO0g==": { "id": "CBzoMmlXBcyP54HOnauO0g==", "name": "libpam-runtime", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "CpILSbg3p6D7Gsp8sCW1Rg==": { "id": "CpILSbg3p6D7Gsp8sCW1Rg==", "name": "libsemanage1", "version": "3.1-1+b2", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "D0G6c/ML9XX4eoGHgx1jeQ==": { "id": "D0G6c/ML9XX4eoGHgx1jeQ==", "name": "libc6", "version": "2.31-13+deb11u5", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.31-13+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "DY5Co0gkGtbgwDlkjfJLWA==": { "id": "DY5Co0gkGtbgwDlkjfJLWA==", "name": "markupsafe", "version": "3.0.3", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.0.3.0.0.0.0.0.0", "cpe": "" }, "DtMxcnDA8Je9vAHjmzagaA==": { "id": "DtMxcnDA8Je9vAHjmzagaA==", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "EVGnnBfWyiVHhoIR4vEpgg==": { "id": "EVGnnBfWyiVHhoIR4vEpgg==", "name": "libbz2-1.0", "version": "1.0.8-4", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "ExYxXcgoIRjAjUObwDE4jA==": { "id": "ExYxXcgoIRjAjUObwDE4jA==", "name": "libk5crypto3", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FJIijlwFNqvdoVBcfTF/pg==": { "id": "FJIijlwFNqvdoVBcfTF/pg==", "name": "login", "version": "1:4.8.1-1", "kind": "binary", "source": { "id": "", "name": "shadow", "version": "1:4.8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FOAAB3KiNsLyi03hQsjRTA==": { "id": "FOAAB3KiNsLyi03hQsjRTA==", "name": "libcrypt1", "version": "1:4.4.18-4", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "1:4.4.18-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FrUy4mOCaHm5aGT53as3JQ==": { "id": "FrUy4mOCaHm5aGT53as3JQ==", "name": "diffutils", "version": "1:3.7-5", "kind": "binary", "source": { "id": "", "name": "diffutils", "version": "1:3.7-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "G/7q+D+DsqYAVnohcyuzgQ==": { "id": "G/7q+D+DsqYAVnohcyuzgQ==", "name": "libssl1.1", "version": "1.1.1n-0+deb11u3", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "GGaavnLgXX31qx9chfhdOQ==": { "id": "GGaavnLgXX31qx9chfhdOQ==", "name": "libaudit-common", "version": "1:3.0-2", "kind": "binary", "source": { "id": "", "name": "audit", "version": "1:3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "Gm6VA87iOnaQ0rWR6oO9eA==": { "id": "Gm6VA87iOnaQ0rWR6oO9eA==", "name": "libpcre2-8-0", "version": "10.36-2+deb11u1", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.36-2+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "HFwGHerHwgvY8vkjr3x1Pg==": { "id": "HFwGHerHwgvY8vkjr3x1Pg==", "name": "itsdangerous", "version": "2.2.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.2.0.0.0.0.0.0.0", "cpe": "" }, "IQfQp74RcAWE7jHtQsMLHg==": { "id": "IQfQp74RcAWE7jHtQsMLHg==", "name": "bsdutils", "version": "1:2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "IiJKm8T4olfm6rhuKayFOw==": { "id": "IiJKm8T4olfm6rhuKayFOw==", "name": "lsb-base", "version": "11.1.0", "kind": "binary", "source": { "id": "", "name": "lsb", "version": "11.1.0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "Jg2vDvx1JxyPDIrUzzR9NQ==": { "id": "Jg2vDvx1JxyPDIrUzzR9NQ==", "name": "grep", "version": "3.6-1", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "LOfpAnA/2f7zE4SFJCrxVg==": { "id": "LOfpAnA/2f7zE4SFJCrxVg==", "name": "zlib1g", "version": "1:1.2.11.dfsg-2+deb11u2", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1:1.2.11.dfsg-2+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "LVHVhWoZgWwWvOspyUwb1w==": { "id": "LVHVhWoZgWwWvOspyUwb1w==", "name": "libreadline8", "version": "8.1-1", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "MvKvHHnD0jaLaWpyHvkhgQ==": { "id": "MvKvHHnD0jaLaWpyHvkhgQ==", "name": "passwd", "version": "1:4.8.1-1", "kind": "binary", "source": { "id": "", "name": "shadow", "version": "1:4.8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "NA4G2YrIZ73fsX7d5r5rGw==": { "id": "NA4G2YrIZ73fsX7d5r5rGw==", "name": "debconf", "version": "1.5.77", "kind": "binary", "source": { "id": "", "name": "debconf", "version": "1.5.77", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "NzkVb7F31E+Vxxz3PCS6tg==": { "id": "NzkVb7F31E+Vxxz3PCS6tg==", "name": "libkrb5support0", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "OgJFdUXRfF1Ls8u1+eOivw==": { "id": "OgJFdUXRfF1Ls8u1+eOivw==", "name": "libgpg-error0", "version": "1.38-2", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.38-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "PaaRbD/FkW3JARtSKQgRcQ==": { "id": "PaaRbD/FkW3JARtSKQgRcQ==", "name": "libattr1", "version": "1:2.4.48-6", "kind": "binary", "source": { "id": "", "name": "attr", "version": "1:2.4.48-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "PgPY5hWnihXRN45byvzY0g==": { "id": "PgPY5hWnihXRN45byvzY0g==", "name": "libncursesw6", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "R1TkRM71ql+JWgz0VF5ESQ==": { "id": "R1TkRM71ql+JWgz0VF5ESQ==", "name": "libsepol1", "version": "3.1-1", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "RAMuXEdVU4AJ/z4aiK/NNg==": { "id": "RAMuXEdVU4AJ/z4aiK/NNg==", "name": "setuptools", "version": "65.5.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.65.5.0.0.0.0.0.0.0", "cpe": "" }, "RYsqO4ROpGMzzCO5WaTrlw==": { "id": "RYsqO4ROpGMzzCO5WaTrlw==", "name": "dpkg", "version": "1.20.12", "kind": "binary", "source": { "id": "", "name": "dpkg", "version": "1.20.12", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "RgdwX+VC70nXZ2E527PXaA==": { "id": "RgdwX+VC70nXZ2E527PXaA==", "name": "logsave", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "SWnjL4fWu+WMpxhSCWLhZQ==": { "id": "SWnjL4fWu+WMpxhSCWLhZQ==", "name": "base-passwd", "version": "3.5.51", "kind": "binary", "source": { "id": "", "name": "base-passwd", "version": "3.5.51", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "T5NuX1yinNyGoZNN2r9u4Q==": { "id": "T5NuX1yinNyGoZNN2r9u4Q==", "name": "ca-certificates", "version": "20210119", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "20210119", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "VVXsYlCxogg17Ti1iR03Mw==": { "id": "VVXsYlCxogg17Ti1iR03Mw==", "name": "libseccomp2", "version": "2.5.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libseccomp", "version": "2.5.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "VbNyM3GfR5vEmJdFAiKqrA==": { "id": "VbNyM3GfR5vEmJdFAiKqrA==", "name": "gcc-9-base", "version": "9.3.0-22", "kind": "binary", "source": { "id": "", "name": "gcc-9", "version": "9.3.0-22", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "Wi4oa03apqVdR6okNeZiNA==": { "id": "Wi4oa03apqVdR6okNeZiNA==", "name": "libgnutls30", "version": "3.7.1-5+deb11u2", "kind": "binary", "source": { "id": "", "name": "gnutls28", "version": "3.7.1-5+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "ZPlAztePXX+uFLVDX2lgNQ==": { "id": "ZPlAztePXX+uFLVDX2lgNQ==", "name": "libsemanage-common", "version": "3.1-1", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ZWeYh81MRCu1nh3mOyptIA==": { "id": "ZWeYh81MRCu1nh3mOyptIA==", "name": "libmount1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bGWj1aSf0wvrecU/pdTv5A==": { "id": "bGWj1aSf0wvrecU/pdTv5A==", "name": "gcc-10-base", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bHkSxcl6e1quNxLGb6uX8A==": { "id": "bHkSxcl6e1quNxLGb6uX8A==", "name": "coreutils", "version": "8.32-4+b1", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bTSLWiizipO2axtmvXFuVg==": { "id": "bTSLWiizipO2axtmvXFuVg==", "name": "libtasn1-6", "version": "4.16.0-2", "kind": "binary", "source": { "id": "", "name": "libtasn1-6", "version": "4.16.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "be3s5y0dx4bgsQboIoDduw==": { "id": "be3s5y0dx4bgsQboIoDduw==", "name": "libp11-kit0", "version": "0.23.22-1", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "brvvAQ6V7yp7QbUuk+W5Hg==": { "id": "brvvAQ6V7yp7QbUuk+W5Hg==", "name": "libext2fs2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "d4b/e0nx+/vPWuPB7oDzPw==": { "id": "d4b/e0nx+/vPWuPB7oDzPw==", "name": "libc-bin", "version": "2.31-13+deb11u5", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.31-13+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dRfu6Up2F2Ze+gJ21oSeug==": { "id": "dRfu6Up2F2Ze+gJ21oSeug==", "name": "libgdbm6", "version": "1.19-2", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.19-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dUT53gagQO5Ac9Bdlu5dAw==": { "id": "dUT53gagQO5Ac9Bdlu5dAw==", "name": "sysvinit-utils", "version": "2.96-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "sysvinit", "version": "2.96-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dXglURzzdbLnOf14mab1Hg==": { "id": "dXglURzzdbLnOf14mab1Hg==", "name": "tar", "version": "1.34+dfsg-1", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.34+dfsg-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dobmrwm7aq9puvFHwNgXxw==": { "id": "dobmrwm7aq9puvFHwNgXxw==", "name": "libstdc++6", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dv3AlW8tBL4D0mEPW7/Z2Q==": { "id": "dv3AlW8tBL4D0mEPW7/Z2Q==", "name": "libpam-modules-bin", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "eF2QIdrTmJlWmjQTkhntow==": { "id": "eF2QIdrTmJlWmjQTkhntow==", "name": "wheel", "version": "0.38.4", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.0.38.4.0.0.0.0.0.0", "cpe": "" }, "elSR7m8uLWd/kMl2jxTm/A==": { "id": "elSR7m8uLWd/kMl2jxTm/A==", "name": "libpam-modules", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "evNF5YpSAxyFV7iWv3lSVw==": { "id": "evNF5YpSAxyFV7iWv3lSVw==", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fCmdLCR2Ix0ldnZL1Fa52A==": { "id": "fCmdLCR2Ix0ldnZL1Fa52A==", "name": "bash", "version": "5.1-2+deb11u1", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1-2+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fqwKjkzVNvsxh6040zt05g==": { "id": "fqwKjkzVNvsxh6040zt05g==", "name": "hostname", "version": "3.23", "kind": "binary", "source": { "id": "", "name": "hostname", "version": "3.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fyM9Y65kt8cTfJv4LKF7bg==": { "id": "fyM9Y65kt8cTfJv4LKF7bg==", "name": "libcap-ng0", "version": "0.7.9-2.2+b1", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.9-2.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "gP9HgvZWct50Kw/hM7BCKg==": { "id": "gP9HgvZWct50Kw/hM7BCKg==", "name": "libtirpc-common", "version": "1.3.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.3.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "gv6x84VyNacZgvJrC59jbQ==": { "id": "gv6x84VyNacZgvJrC59jbQ==", "name": "libffi7", "version": "3.3-6", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.3-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "hdNUjYIlrdEAtBWAggakAw==": { "id": "hdNUjYIlrdEAtBWAggakAw==", "name": "perl-base", "version": "5.32.1-4+deb11u2", "kind": "binary", "source": { "id": "", "name": "perl", "version": "5.32.1-4+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "i4JkQ9JgSpZVyPFWOY5Bxw==": { "id": "i4JkQ9JgSpZVyPFWOY5Bxw==", "name": "liblz4-1", "version": "1.9.3-2", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "iWqdRZmp08/Tx22qEtmjJg==": { "id": "iWqdRZmp08/Tx22qEtmjJg==", "name": "libpcre3", "version": "2:8.39-13", "kind": "binary", "source": { "id": "", "name": "pcre3", "version": "2:8.39-13", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "jErhz6PtXvAy/EPWJ425rA==": { "id": "jErhz6PtXvAy/EPWJ425rA==", "name": "libuuid1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "jKa8Us2cqGejhOc2/n5DDA==": { "id": "jKa8Us2cqGejhOc2/n5DDA==", "name": "libsmartcols1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "kq4lGEwi4agkgAJAkDs9Ng==": { "id": "kq4lGEwi4agkgAJAkDs9Ng==", "name": "flask", "version": "2.1.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.1.0.0.0.0.0.0.0", "cpe": "" }, "krch6TQqNWzRi5F/dDkF+Q==": { "id": "krch6TQqNWzRi5F/dDkF+Q==", "name": "ncurses-bin", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "l5lCPjtOmPM8/LLh9+NjeQ==": { "id": "l5lCPjtOmPM8/LLh9+NjeQ==", "name": "gpgv", "version": "2.2.27-2+deb11u2", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.27-2+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "l89yAZ/vyULk4EoaRdbg9w==": { "id": "l89yAZ/vyULk4EoaRdbg9w==", "name": "click", "version": "8.3.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.8.3.2.0.0.0.0.0.0", "cpe": "" }, "lCjIskl1HulEHShaXtgmwQ==": { "id": "lCjIskl1HulEHShaXtgmwQ==", "name": "libtinfo6", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "lvz5sq0NbU6sy/F1tg9uiQ==": { "id": "lvz5sq0NbU6sy/F1tg9uiQ==", "name": "libkeyutils1", "version": "1.6.1-2", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.1-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "mlFDx1iAC2OWpmYHut2JHw==": { "id": "mlFDx1iAC2OWpmYHut2JHw==", "name": "libnettle8", "version": "3.7.3-1", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.7.3-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nV87o429QBKIpM8DyOv4wg==": { "id": "nV87o429QBKIpM8DyOv4wg==", "name": "debian-archive-keyring", "version": "2021.1.1", "kind": "binary", "source": { "id": "", "name": "debian-archive-keyring", "version": "2021.1.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ngOu/a+sfrdDkZtETF1mgg==": { "id": "ngOu/a+sfrdDkZtETF1mgg==", "name": "libselinux1", "version": "3.1-3", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.1-3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nmd/xrCD27AKRWAzA5JZCA==": { "id": "nmd/xrCD27AKRWAzA5JZCA==", "name": "mawk", "version": "1.3.4.20200120-2", "kind": "binary", "source": { "id": "", "name": "mawk", "version": "1.3.4.20200120-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "npX4tBmidkxp2QJN/c3Ktw==": { "id": "npX4tBmidkxp2QJN/c3Ktw==", "name": "libdebconfclient0", "version": "0.260", "kind": "binary", "source": { "id": "", "name": "cdebconf", "version": "0.260", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nwapLKtbHTjy1u8+aA0X+Q==": { "id": "nwapLKtbHTjy1u8+aA0X+Q==", "name": "pip", "version": "22.3.1", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.22.3.1.0.0.0.0.0.0", "cpe": "" }, "oH9T0w9ZyXDCGJ6Np6n1Iw==": { "id": "oH9T0w9ZyXDCGJ6Np6n1Iw==", "name": "init-system-helpers", "version": "1.60", "kind": "binary", "source": { "id": "", "name": "init-system-helpers", "version": "1.60", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ozJ983JkaV259+RUbqutzw==": { "id": "ozJ983JkaV259+RUbqutzw==", "name": "dash", "version": "0.5.11+git20200708+dd9ef66-5", "kind": "binary", "source": { "id": "", "name": "dash", "version": "0.5.11+git20200708+dd9ef66-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "p+J9YgA22NC8PDODpTSxgw==": { "id": "p+J9YgA22NC8PDODpTSxgw==", "name": "libidn2-0", "version": "2.3.0-5", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "pHAWej2qVWZtoCQ5DGoRcQ==": { "id": "pHAWej2qVWZtoCQ5DGoRcQ==", "name": "tzdata", "version": "2021a-1+deb11u8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2021a-1+deb11u8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "pZoLgWqHDgjhYQPevrtwdg==": { "id": "pZoLgWqHDgjhYQPevrtwdg==", "name": "libss2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "q78XIEiJs5tQHLZtjoU3Fg==": { "id": "q78XIEiJs5tQHLZtjoU3Fg==", "name": "adduser", "version": "3.118", "kind": "binary", "source": { "id": "", "name": "adduser", "version": "3.118", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "qN2BSWBeEFRJnExMNJ1S0A==": { "id": "qN2BSWBeEFRJnExMNJ1S0A==", "name": "libsqlite3-0", "version": "3.34.1-3", "kind": "binary", "source": { "id": "", "name": "sqlite3", "version": "3.34.1-3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "qrPZzwjmppjOiQbrGk5IQA==": { "id": "qrPZzwjmppjOiQbrGk5IQA==", "name": "libgssapi-krb5-2", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "rJ4UB7yOdBPwgrk5WLwIQw==": { "id": "rJ4UB7yOdBPwgrk5WLwIQw==", "name": "libhogweed6", "version": "3.7.3-1", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.7.3-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "rUyBCRoo9C2erJrGUkvuDQ==": { "id": "rUyBCRoo9C2erJrGUkvuDQ==", "name": "libtirpc3", "version": "1.3.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.3.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "s66OGd0F2Pbemhmyrg2R9w==": { "id": "s66OGd0F2Pbemhmyrg2R9w==", "name": "libsystemd0", "version": "247.3-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "247.3-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "sU05gaIadSYQd4+DxTnInw==": { "id": "sU05gaIadSYQd4+DxTnInw==", "name": "libacl1", "version": "2.2.53-10", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "sXwy5mmgqLM9WC30BdKwTA==": { "id": "sXwy5mmgqLM9WC30BdKwTA==", "name": "readline-common", "version": "8.1-1", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "tNSJ6slY9zv+TZ6de2MVDQ==": { "id": "tNSJ6slY9zv+TZ6de2MVDQ==", "name": "liblzma5", "version": "5.2.5-2.1~deb11u1", "kind": "binary", "source": { "id": "", "name": "xz-utils", "version": "5.2.5-2.1~deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "tYADP/V07/lE8Qno1R/hhg==": { "id": "tYADP/V07/lE8Qno1R/hhg==", "name": "libgcc-s1", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "uRB+svwXXxpR9DkvUVmAUQ==": { "id": "uRB+svwXXxpR9DkvUVmAUQ==", "name": "werkzeug", "version": "3.1.8", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.8.0.0.0.0.0.0", "cpe": "" }, "uXsuLx/plg6mDddGlE/9EA==": { "id": "uXsuLx/plg6mDddGlE/9EA==", "name": "libxxhash0", "version": "0.8.0-2", "kind": "binary", "source": { "id": "", "name": "xxhash", "version": "0.8.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "vqKK+x/7cGHNjLr4L7x4uQ==": { "id": "vqKK+x/7cGHNjLr4L7x4uQ==", "name": "libdb5.3", "version": "5.3.28+dfsg1-0.8", "kind": "binary", "source": { "id": "", "name": "db5.3", "version": "5.3.28+dfsg1-0.8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "wkuBBC4B84P3b4K0fGF0OQ==": { "id": "wkuBBC4B84P3b4K0fGF0OQ==", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "xaMEpa2lawXi7R9jqzX8hA==": { "id": "xaMEpa2lawXi7R9jqzX8hA==", "name": "findutils", "version": "4.8.0-1", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.8.0-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "yYcMjCGhY/mc+KraTEHSJg==": { "id": "yYcMjCGhY/mc+KraTEHSJg==", "name": "libkrb5-3", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zL6jHnohFUDkhEaUeTlPOQ==": { "id": "zL6jHnohFUDkhEaUeTlPOQ==", "name": "sed", "version": "4.7-1", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.7-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zQ8wKwnOqSw7e/gsx76vLQ==": { "id": "zQ8wKwnOqSw7e/gsx76vLQ==", "name": "debianutils", "version": "4.11.2", "kind": "binary", "source": { "id": "", "name": "debianutils", "version": "4.11.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zRv/Q67g6qJWTz0qqj4+BA==": { "id": "zRv/Q67g6qJWTz0qqj4+BA==", "name": "libnsl2", "version": "1.3.0-2", "kind": "binary", "source": { "id": "", "name": "libnsl", "version": "1.3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zV4ikAKeqBYFSvXnkFMYgg==": { "id": "zV4ikAKeqBYFSvXnkFMYgg==", "name": "libpam0g", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zw9OGAXs3mWkBkmfKzbfqg==": { "id": "zw9OGAXs3mWkBkmfKzbfqg==", "name": "libapt-pkg6.0", "version": "2.2.4", "kind": "binary", "source": { "id": "", "name": "apt", "version": "2.2.4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" } }, "distributions": { "f8f0df61-18a0-4bee-b91a-5c96e483c6a8": { "id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" } }, "repository": { "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb": { "id": "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb", "name": "pypi", "uri": "https://pypi.org/simple", "cpe": "" } }, "environments": { "+GDQTbek1zYvATiVR/wBCA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "+aaqENN9U+Kuxcb1tQ8Utg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "+ol9cHiNc+RWiD7Kw3TLCg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "05vApGRmP6ko1S0ji87IIQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "0jMyX7UCIuSpntMN1r7Ofg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "1jyJPCL93kiEbfmNKeyz3g==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "2MObxiEVNllmUEzdVZM5qw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "3f992oeEQfSQxRA0nlq8Wg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "4672uZtn8TnHDEzWVyhfjw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "4jCPzhS6OWt4agz9d/cfTw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "5zxxTA220k9gPCegfDHkag==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "7a3yla6TRFZrhmAreU7f8Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "8alfBYUr5uWbAyB5PrY8Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "9snKXrH4dQy2IXHQ01Lg0A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "Akbft1KN+9FKNhh1tM25eA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "BJL42acLPAR8bEnmM1Z3mg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "CBzoMmlXBcyP54HOnauO0g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "CpILSbg3p6D7Gsp8sCW1Rg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "D0G6c/ML9XX4eoGHgx1jeQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "DY5Co0gkGtbgwDlkjfJLWA==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "DtMxcnDA8Je9vAHjmzagaA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "EVGnnBfWyiVHhoIR4vEpgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "ExYxXcgoIRjAjUObwDE4jA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "FJIijlwFNqvdoVBcfTF/pg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "FOAAB3KiNsLyi03hQsjRTA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "FrUy4mOCaHm5aGT53as3JQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "G/7q+D+DsqYAVnohcyuzgQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "GGaavnLgXX31qx9chfhdOQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "Gm6VA87iOnaQ0rWR6oO9eA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "HFwGHerHwgvY8vkjr3x1Pg==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "IQfQp74RcAWE7jHtQsMLHg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "IiJKm8T4olfm6rhuKayFOw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "Jg2vDvx1JxyPDIrUzzR9NQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "LOfpAnA/2f7zE4SFJCrxVg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "LVHVhWoZgWwWvOspyUwb1w==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "MvKvHHnD0jaLaWpyHvkhgQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "NA4G2YrIZ73fsX7d5r5rGw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "NzkVb7F31E+Vxxz3PCS6tg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "OgJFdUXRfF1Ls8u1+eOivw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "PaaRbD/FkW3JARtSKQgRcQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "PgPY5hWnihXRN45byvzY0g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "R1TkRM71ql+JWgz0VF5ESQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "RAMuXEdVU4AJ/z4aiK/NNg==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "RYsqO4ROpGMzzCO5WaTrlw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "RgdwX+VC70nXZ2E527PXaA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "SWnjL4fWu+WMpxhSCWLhZQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "T5NuX1yinNyGoZNN2r9u4Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "VVXsYlCxogg17Ti1iR03Mw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "VbNyM3GfR5vEmJdFAiKqrA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "Wi4oa03apqVdR6okNeZiNA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "ZPlAztePXX+uFLVDX2lgNQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "ZWeYh81MRCu1nh3mOyptIA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "bGWj1aSf0wvrecU/pdTv5A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "bHkSxcl6e1quNxLGb6uX8A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "bTSLWiizipO2axtmvXFuVg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "be3s5y0dx4bgsQboIoDduw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "brvvAQ6V7yp7QbUuk+W5Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "d4b/e0nx+/vPWuPB7oDzPw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "dRfu6Up2F2Ze+gJ21oSeug==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "dUT53gagQO5Ac9Bdlu5dAw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "dXglURzzdbLnOf14mab1Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "dobmrwm7aq9puvFHwNgXxw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "dv3AlW8tBL4D0mEPW7/Z2Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "eF2QIdrTmJlWmjQTkhntow==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "elSR7m8uLWd/kMl2jxTm/A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "evNF5YpSAxyFV7iWv3lSVw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "fCmdLCR2Ix0ldnZL1Fa52A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "fqwKjkzVNvsxh6040zt05g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "fyM9Y65kt8cTfJv4LKF7bg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "gP9HgvZWct50Kw/hM7BCKg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "gv6x84VyNacZgvJrC59jbQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "hdNUjYIlrdEAtBWAggakAw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "i4JkQ9JgSpZVyPFWOY5Bxw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "iWqdRZmp08/Tx22qEtmjJg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "jErhz6PtXvAy/EPWJ425rA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "jKa8Us2cqGejhOc2/n5DDA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "kq4lGEwi4agkgAJAkDs9Ng==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "krch6TQqNWzRi5F/dDkF+Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "l5lCPjtOmPM8/LLh9+NjeQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "l89yAZ/vyULk4EoaRdbg9w==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "lCjIskl1HulEHShaXtgmwQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "lvz5sq0NbU6sy/F1tg9uiQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "mlFDx1iAC2OWpmYHut2JHw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "nV87o429QBKIpM8DyOv4wg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "ngOu/a+sfrdDkZtETF1mgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "nmd/xrCD27AKRWAzA5JZCA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "npX4tBmidkxp2QJN/c3Ktw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "nwapLKtbHTjy1u8+aA0X+Q==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "oH9T0w9ZyXDCGJ6Np6n1Iw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "ozJ983JkaV259+RUbqutzw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "p+J9YgA22NC8PDODpTSxgw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "pHAWej2qVWZtoCQ5DGoRcQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "pZoLgWqHDgjhYQPevrtwdg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "q78XIEiJs5tQHLZtjoU3Fg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "qN2BSWBeEFRJnExMNJ1S0A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "qrPZzwjmppjOiQbrGk5IQA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "rJ4UB7yOdBPwgrk5WLwIQw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "rUyBCRoo9C2erJrGUkvuDQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "s66OGd0F2Pbemhmyrg2R9w==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "sU05gaIadSYQd4+DxTnInw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "sXwy5mmgqLM9WC30BdKwTA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "tNSJ6slY9zv+TZ6de2MVDQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "tYADP/V07/lE8Qno1R/hhg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "uRB+svwXXxpR9DkvUVmAUQ==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:f5adaff7db1ec9a20f6a98872b33de25d280dbd99bce7996e9fbd6f3aa6777a9", "distribution_id": "", "repository_ids": [ "4cb23620-3eb6-4784-9563-fbc7ef0bd7bb" ] } ], "uXsuLx/plg6mDddGlE/9EA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "vqKK+x/7cGHNjLr4L7x4uQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "wkuBBC4B84P3b4K0fGF0OQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "xaMEpa2lawXi7R9jqzX8hA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "yYcMjCGhY/mc+KraTEHSJg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "zL6jHnohFUDkhEaUeTlPOQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "zQ8wKwnOqSw7e/gsx76vLQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "zRv/Q67g6qJWTz0qqj4+BA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "zV4ikAKeqBYFSvXnkFMYgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ], "zw9OGAXs3mWkBkmfKzbfqg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "f8f0df61-18a0-4bee-b91a-5c96e483c6a8", "repository_ids": null } ] }, "vulnerabilities": { "+N61/5529gFt7RkD8ooeKQ==": { "id": "+N61/5529gFt7RkD8ooeKQ==", "updater": "debian/updater", "name": "CVE-2023-0465", "description": "Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0465", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "+x9OyXfXk9PrekfsnPKwlg==": { "id": "+x9OyXfXk9PrekfsnPKwlg==", "updater": "debian/updater", "name": "CVE-2020-13529", "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2020-13529", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "/7UJLAHsMPxTtTxvuPgrzA==": { "id": "/7UJLAHsMPxTtTxvuPgrzA==", "updater": "debian/updater", "name": "CVE-2024-45491", "description": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45491", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "/YwO4YLRGgF2uWU55V6+MQ==": { "id": "/YwO4YLRGgF2uWU55V6+MQ==", "updater": "debian/updater", "name": "CVE-2019-1010022", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "08pa4udz9bnA9IOsE208DA==": { "id": "08pa4udz9bnA9IOsE208DA==", "updater": "debian/updater", "name": "CVE-2023-4039", "description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4039", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gcc-10", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "0H/7BkE/Q7YVSZhEABXg6w==": { "id": "0H/7BkE/Q7YVSZhEABXg6w==", "updater": "debian/updater", "name": "CVE-2024-26458", "description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-26458", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "0q/btA3zBEGWWmFxU7cNig==": { "id": "0q/btA3zBEGWWmFxU7cNig==", "updater": "debian/updater", "name": "CVE-2026-40225", "description": "In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40225", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "1U/zi3CEao+52y8LKU0uvw==": { "id": "1U/zi3CEao+52y8LKU0uvw==", "updater": "debian/updater", "name": "CVE-2021-36084", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36084", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "1VnWeA5AZgybyD8+PiXyiw==": { "id": "1VnWeA5AZgybyD8+PiXyiw==", "updater": "debian/updater", "name": "CVE-2025-70873", "description": "An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-70873", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "1dwwvWkARnFe67yAAGVglQ==": { "id": "1dwwvWkARnFe67yAAGVglQ==", "updater": "debian/updater", "name": "CVE-2023-31438", "description": "An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31438", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "27BVJE6xR0Z84LzifDnFYA==": { "id": "27BVJE6xR0Z84LzifDnFYA==", "updater": "debian/updater", "name": "CVE-2022-48303", "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-48303", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.34+dfsg-1+deb11u1" }, "3QDeWfKuntq5YxjjCuZXRQ==": { "id": "3QDeWfKuntq5YxjjCuZXRQ==", "updater": "debian/updater", "name": "CVE-2025-68160", "description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68160", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "3Z3QMUqCN4dQV+f8cjn1eA==": { "id": "3Z3QMUqCN4dQV+f8cjn1eA==", "updater": "debian/updater", "name": "CVE-2025-69420", "description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69420", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "3cBlPR7Tm4BIC/+wflldAg==": { "id": "3cBlPR7Tm4BIC/+wflldAg==", "updater": "debian/updater", "name": "CVE-2024-12243", "description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-12243", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u7" }, "5+uzHCKkmvMK8jl2uJkFqQ==": { "id": "5+uzHCKkmvMK8jl2uJkFqQ==", "updater": "debian/updater", "name": "CVE-2026-32777", "description": "libexpat before 2.7.5 allows an infinite loop while parsing DTD content.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32777", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "59rfj7X7Q9O1jyg5L5a5zQ==": { "id": "59rfj7X7Q9O1jyg5L5a5zQ==", "updater": "debian/updater", "name": "CVE-2024-37370", "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-37370", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u5" }, "5Cmp5KJXv+nVwwcs5/Kz7w==": { "id": "5Cmp5KJXv+nVwwcs5/Kz7w==", "updater": "debian/updater", "name": "CVE-2024-50602", "description": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-50602", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u7" }, "5IA1PesIyj05J2Yx0YB4tQ==": { "id": "5IA1PesIyj05J2Yx0YB4tQ==", "updater": "osv/pypi", "name": "ECHO-3d34-cec5-cf72", "description": "", "issued": "2026-01-23T11:00:38Z", "links": "https://advisory.echohq.com/cve/CVE-2026-24049", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "wheel", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=0.45.1%2Becho.1" }, "5OqCQlhu6kV+tAsgGEGuwQ==": { "id": "5OqCQlhu6kV+tAsgGEGuwQ==", "updater": "debian/updater", "name": "CVE-2026-27171", "description": "zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-27171", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "5rGwN3bKZLMvxcM/W4jj+A==": { "id": "5rGwN3bKZLMvxcM/W4jj+A==", "updater": "debian/updater", "name": "CVE-2026-29111", "description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-29111", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "6j23t/n6B77cQMxfCeLKzA==": { "id": "6j23t/n6B77cQMxfCeLKzA==", "updater": "debian/updater", "name": "CVE-2024-12133", "description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-12133", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "4.16.0-2+deb11u2" }, "6jg3v7lJ92IZCQpZydR2sA==": { "id": "6jg3v7lJ92IZCQpZydR2sA==", "updater": "debian/updater", "name": "CVE-2024-28757", "description": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28757", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "7DtFnnE8FjIpCQKunutpeg==": { "id": "7DtFnnE8FjIpCQKunutpeg==", "updater": "debian/updater", "name": "CVE-2020-16156", "description": "CPAN 2.28 allows Signature Verification Bypass.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2020-16156", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u4" }, "9JIazCQjSvYhpG9KE6d7Pg==": { "id": "9JIazCQjSvYhpG9KE6d7Pg==", "updater": "debian/updater", "name": "CVE-2025-8058", "description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-8058", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "9ThuL3zLKpmduvKpiDZ60w==": { "id": "9ThuL3zLKpmduvKpiDZ60w==", "updater": "debian/updater", "name": "CVE-2026-24515", "description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-24515", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "9sNDKQtqg7Z3gJr//JQlvg==": { "id": "9sNDKQtqg7Z3gJr//JQlvg==", "updater": "debian/updater", "name": "CVE-2025-32990", "description": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-32990", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "9xk1p07t4ZV999E3HyfhVA==": { "id": "9xk1p07t4ZV999E3HyfhVA==", "updater": "debian/updater", "name": "CVE-2026-5704", "description": "A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-5704", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ANq7+l7+5U6IDt9eU02u5w==": { "id": "ANq7+l7+5U6IDt9eU02u5w==", "updater": "debian/updater", "name": "CVE-2022-3219", "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3219", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ASrdm9EROwWp9Ip2w7HH5w==": { "id": "ASrdm9EROwWp9Ip2w7HH5w==", "updater": "debian/updater", "name": "CVE-2022-3821", "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3821", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u2" }, "AvPdNumiwGnBie+lo1du3A==": { "id": "AvPdNumiwGnBie+lo1du3A==", "updater": "debian/updater", "name": "CVE-2023-31486", "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31486", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "B78vSIll2muNDyY3F7urzw==": { "id": "B78vSIll2muNDyY3F7urzw==", "updater": "debian/updater", "name": "CVE-2026-34743", "description": "XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-34743", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "xz-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Ba+eHoq0U7aq9Kxwg98r8Q==": { "id": "Ba+eHoq0U7aq9Kxwg98r8Q==", "updater": "debian/updater", "name": "CVE-2025-8941", "description": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-8941", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "BtqRPc7F47wJWygPNOxw1w==": { "id": "BtqRPc7F47wJWygPNOxw1w==", "updater": "debian/updater", "name": "CVE-2026-32778", "description": "libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32778", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "BxMnseA9J6OW2RWxSrlbyQ==": { "id": "BxMnseA9J6OW2RWxSrlbyQ==", "updater": "debian/updater", "name": "CVE-2021-36690", "description": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36690", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.34.1-3+deb11u1" }, "CaLsKNvkpKlxKVBlUnje9Q==": { "id": "CaLsKNvkpKlxKVBlUnje9Q==", "updater": "debian/updater", "name": "CVE-2021-36087", "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36087", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "CfS0L/tTata7W0FXXtQ4EQ==": { "id": "CfS0L/tTata7W0FXXtQ4EQ==", "updater": "debian/updater", "name": "CVE-2026-4438", "description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4438", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "CtYegggqGbMfg16G/qfITQ==": { "id": "CtYegggqGbMfg16G/qfITQ==", "updater": "debian/updater", "name": "CVE-2013-4235", "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-4235", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DJOf0vCfrT4GvRr/tBJhbg==": { "id": "DJOf0vCfrT4GvRr/tBJhbg==", "updater": "debian/updater", "name": "CVE-2024-33601", "description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33601", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "DRKFIYYNzLumACBV1CW/rw==": { "id": "DRKFIYYNzLumACBV1CW/rw==", "updater": "debian/updater", "name": "CVE-2022-35737", "description": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-35737", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DS2nhayHHtinLlFzZheSwg==": { "id": "DS2nhayHHtinLlFzZheSwg==", "updater": "debian/updater", "name": "CVE-2025-66382", "description": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-66382", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DfxJWBpJUY1aHu0ZUSilDg==": { "id": "DfxJWBpJUY1aHu0ZUSilDg==", "updater": "debian/updater", "name": "CVE-2018-6829", "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-6829", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DkvPjH9ZM3anH55rsU+i3w==": { "id": "DkvPjH9ZM3anH55rsU+i3w==", "updater": "debian/updater", "name": "CVE-2026-41080", "description": "libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-41080", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ELw1b1vO2YOtV7qNQijgCw==": { "id": "ELw1b1vO2YOtV7qNQijgCw==", "updater": "debian/updater", "name": "CVE-2026-4437", "description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4437", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "EYo03ICovWfCjw2cKpwx4Q==": { "id": "EYo03ICovWfCjw2cKpwx4Q==", "updater": "debian/updater", "name": "CVE-2005-2541", "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2005-2541", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "EajCJi704nU1+LqESNMC1w==": { "id": "EajCJi704nU1+LqESNMC1w==", "updater": "debian/updater", "name": "CVE-2024-0727", "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0727", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "EvarhwbaAMrD3meGYFByGg==": { "id": "EvarhwbaAMrD3meGYFByGg==", "updater": "debian/updater", "name": "CVE-2023-50495", "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50495", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "F0zkrLGlbsix59P9mqoAOg==": { "id": "F0zkrLGlbsix59P9mqoAOg==", "updater": "debian/updater", "name": "CVE-2025-30258", "description": "In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a \"verification DoS.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-30258", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "G45dR+E8Wb+bEhCdwuqUDg==": { "id": "G45dR+E8Wb+bEhCdwuqUDg==", "updater": "debian/updater", "name": "CVE-2019-20838", "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-20838", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GPLYq884jQKVksfMc+b7OQ==": { "id": "GPLYq884jQKVksfMc+b7OQ==", "updater": "debian/updater", "name": "CVE-2022-1304", "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-1304", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "e2fsprogs", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.46.2-2+deb11u1" }, "GRlufCZFwHNK64OQNCFIcg==": { "id": "GRlufCZFwHNK64OQNCFIcg==", "updater": "debian/updater", "name": "CVE-2013-4392", "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-4392", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GezxxUl3QPWUTitg/VHmlQ==": { "id": "GezxxUl3QPWUTitg/VHmlQ==", "updater": "debian/updater", "name": "CVE-2019-1010024", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GmBi7n85v8sX6ItoMSgvlQ==": { "id": "GmBi7n85v8sX6ItoMSgvlQ==", "updater": "debian/updater", "name": "CVE-2025-9230", "description": "Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-9230", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u4" }, "HuTBrVHKx7uaMtQjiqifKQ==": { "id": "HuTBrVHKx7uaMtQjiqifKQ==", "updater": "debian/updater", "name": "CVE-2024-0567", "description": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0567", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u5" }, "IJPGr43VMeLym6tW3EWgdg==": { "id": "IJPGr43VMeLym6tW3EWgdg==", "updater": "debian/updater", "name": "CVE-2024-8176", "description": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-8176", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "IvA5abshk33BAuuBar/pVQ==": { "id": "IvA5abshk33BAuuBar/pVQ==", "updater": "debian/updater", "name": "CVE-2024-45492", "description": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45492", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "IwuADin5bagOGQErETBgWw==": { "id": "IwuADin5bagOGQErETBgWw==", "updater": "debian/updater", "name": "CVE-2026-4046", "description": "The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4046", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Jl0PQIP9L3ufSvQ2j71iww==": { "id": "Jl0PQIP9L3ufSvQ2j71iww==", "updater": "osv/pypi", "name": "GHSA-r9hx-vwmv-q579", "description": "pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)", "issued": "2022-12-23T00:30:23Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://github.com/pypa/setuptools/issues/3659 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://setuptools.pypa.io/en/latest https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20230214-0001 https://pyup.io/vulnerabilities/CVE-2022-40897/52495 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://github.com/pypa/setuptools https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=65.5.1" }, "KLrAiYCJHdmWQ2RaqUywlA==": { "id": "KLrAiYCJHdmWQ2RaqUywlA==", "updater": "debian/updater", "name": "CVE-2022-4304", "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4304", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "KZ3Jt7zkiM272dGLstI4XA==": { "id": "KZ3Jt7zkiM272dGLstI4XA==", "updater": "debian/updater", "name": "CVE-2013-0340", "description": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-0340", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "KaoEuixR8E5nnpGZ1pG25w==": { "id": "KaoEuixR8E5nnpGZ1pG25w==", "updater": "debian/updater", "name": "CVE-2024-0553", "description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0553", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u5" }, "KvTZOL1MGCoBHaXdBx1RcA==": { "id": "KvTZOL1MGCoBHaXdBx1RcA==", "updater": "debian/updater", "name": "CVE-2024-10041", "description": "A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-10041", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "KwgIGMm765S+zvIBAwM9+g==": { "id": "KwgIGMm765S+zvIBAwM9+g==", "updater": "debian/updater", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4899", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libzstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "LD4zPH3rZZkbSPN5ojHClA==": { "id": "LD4zPH3rZZkbSPN5ojHClA==", "updater": "debian/updater", "name": "TEMP-0628843-DBAD28", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MDmWztEMrTY+VyVp5c+Fvw==": { "id": "MDmWztEMrTY+VyVp5c+Fvw==", "updater": "debian/updater", "name": "TEMP-0841856-B18BAF", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "bash", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MXRm//dBCnWFem5zffvqmA==": { "id": "MXRm//dBCnWFem5zffvqmA==", "updater": "debian/updater", "name": "CVE-2022-3715", "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3715", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "bash", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MYYkxlB4Ank1zsdIh41apg==": { "id": "MYYkxlB4Ank1zsdIh41apg==", "updater": "debian/updater", "name": "CVE-2024-2961", "description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2961", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u9" }, "MdrEi+/OrLlW3zDrheID2Q==": { "id": "MdrEi+/OrLlW3zDrheID2Q==", "updater": "debian/updater", "name": "CVE-2025-59375", "description": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-59375", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Mmh4dm/jzK4QVSJqQVsCDw==": { "id": "Mmh4dm/jzK4QVSJqQVsCDw==", "updater": "debian/updater", "name": "CVE-2026-22796", "description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-22796", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "Mnnh2CmlXNNRCBXvqdG9ig==": { "id": "Mnnh2CmlXNNRCBXvqdG9ig==", "updater": "debian/updater", "name": "CVE-2026-28387", "description": "Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28387", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Mxv06g47iCk7QIqi7Xbojw==": { "id": "Mxv06g47iCk7QIqi7Xbojw==", "updater": "debian/updater", "name": "CVE-2023-45853", "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-45853", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "NYWveHKKsIYIKl+vE8UEhw==": { "id": "NYWveHKKsIYIKl+vE8UEhw==", "updater": "debian/updater", "name": "TEMP-0517018-A83CE6", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sysvinit", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Ns8JH9Yqo6xZiGzihN4B3g==": { "id": "Ns8JH9Yqo6xZiGzihN4B3g==", "updater": "debian/updater", "name": "CVE-2024-22365", "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-22365", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.4.0-9+deb11u2" }, "Nzgd66Rt/zG5Z8ZfbjecYA==": { "id": "Nzgd66Rt/zG5Z8ZfbjecYA==", "updater": "debian/updater", "name": "CVE-2024-26461", "description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-26461", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "OB48XTRaksNPWPm0dVHJmQ==": { "id": "OB48XTRaksNPWPm0dVHJmQ==", "updater": "debian/updater", "name": "CVE-2025-3576", "description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-3576", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u7" }, "OTqcMsspao5I6JZMETZ06w==": { "id": "OTqcMsspao5I6JZMETZ06w==", "updater": "debian/updater", "name": "CVE-2026-0915", "description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-0915", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "P4mYk7npVU6t91mlbAb8QA==": { "id": "P4mYk7npVU6t91mlbAb8QA==", "updater": "debian/updater", "name": "CVE-2024-2511", "description": "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2511", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "PJI8cpGpF5+qVan9H5W87Q==": { "id": "PJI8cpGpF5+qVan9H5W87Q==", "updater": "debian/updater", "name": "CVE-2024-28085", "description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28085", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.36.1-8+deb11u2" }, "PUY4fn57nsAU2qBLtgRtdw==": { "id": "PUY4fn57nsAU2qBLtgRtdw==", "updater": "osv/pypi", "name": "GHSA-6vgw-5pg2-w6jp", "description": "pip Path Traversal vulnerability", "issued": "2026-02-02T15:30:34Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2026-1703 https://github.com/pypa/pip/pull/13777 https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735 https://github.com/pypa/pip https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=26.0" }, "Pj9V3uC2c9o+P6lTpzzGeA==": { "id": "Pj9V3uC2c9o+P6lTpzzGeA==", "updater": "osv/pypi", "name": "PYSEC-2025-49", "description": "", "issued": "2025-05-17T16:15:19Z", "links": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=78.1.1" }, "QEROZuK4q+zt8UbP6ZV8wg==": { "id": "QEROZuK4q+zt8UbP6ZV8wg==", "updater": "debian/updater", "name": "CVE-2025-69418", "description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69418", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "QGq5D5QwQKPerzYOBVoSsg==": { "id": "QGq5D5QwQKPerzYOBVoSsg==", "updater": "osv/pypi", "name": "GHSA-cx63-2mw6-8hw5", "description": "setuptools vulnerable to Command Injection via package URL", "issued": "2024-07-15T03:30:57Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://github.com/pypa/setuptools/pull/4332 https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://github.com/pypa/setuptools https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=70.0.0" }, "Qd2XnJZ3qaQ3AbyDXUaR2A==": { "id": "Qd2XnJZ3qaQ3AbyDXUaR2A==", "updater": "osv/pypi", "name": "PYSEC-2022-43012", "description": "", "issued": "2022-12-23T00:15:00Z", "links": "https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://pyup.io/vulnerabilities/CVE-2022-40897/52495/", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=65.5.1" }, "QopvyNp/5Ata9NdAUhFygw==": { "id": "QopvyNp/5Ata9NdAUhFygw==", "updater": "debian/updater", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-5278", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "SNR1VT02i1HBHxqGRTeBAQ==": { "id": "SNR1VT02i1HBHxqGRTeBAQ==", "updater": "debian/updater", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-9820", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u9" }, "T2SiDOPpMK0bU0Y0qkOm1A==": { "id": "T2SiDOPpMK0bU0Y0qkOm1A==", "updater": "debian/updater", "name": "CVE-2019-1010025", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "T4I8pNAq5VIHzHdHBx3kMA==": { "id": "T4I8pNAq5VIHzHdHBx3kMA==", "updater": "debian/updater", "name": "CVE-2025-24528", "description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-24528", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u6" }, "TN8d5UGyH2D+dtBNYjKyKg==": { "id": "TN8d5UGyH2D+dtBNYjKyKg==", "updater": "osv/pypi", "name": "ECHO-ffe1-1d3c-d9bc", "description": "", "issued": "2025-09-25T13:30:24Z", "links": "https://advisory.echohq.com/cve/CVE-2025-8869", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.2%2Becho.1" }, "Tcuyjettc5LT9G5wj3mSxw==": { "id": "Tcuyjettc5LT9G5wj3mSxw==", "updater": "debian/updater", "name": "CVE-2022-4450", "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4450", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "TgHh5yPuwUnIt8v9WawGYw==": { "id": "TgHh5yPuwUnIt8v9WawGYw==", "updater": "debian/updater", "name": "CVE-2025-6141", "description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6141", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "U3JbUhrT2SqWNuYU5d13cQ==": { "id": "U3JbUhrT2SqWNuYU5d13cQ==", "updater": "debian/updater", "name": "CVE-2021-33560", "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-33560", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "U5598afGvRaltva6Rjqnug==": { "id": "U5598afGvRaltva6Rjqnug==", "updater": "debian/updater", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4105", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "Ud6njM/DPIrfSPiFct82Lw==": { "id": "Ud6njM/DPIrfSPiFct82Lw==", "updater": "debian/updater", "name": "CVE-2023-52426", "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-52426", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "UdV1OleGh/0MAkug0ZAlcQ==": { "id": "UdV1OleGh/0MAkug0ZAlcQ==", "updater": "debian/updater", "name": "CVE-2026-25210", "description": "In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-25210", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "VzolVkOS5HseGzVTLzDMfA==": { "id": "VzolVkOS5HseGzVTLzDMfA==", "updater": "debian/updater", "name": "CVE-2023-39804", "description": "In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-39804", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.34+dfsg-1+deb11u1" }, "WCGqond4znYKCRcm4xyPrg==": { "id": "WCGqond4znYKCRcm4xyPrg==", "updater": "debian/updater", "name": "CVE-2007-5686", "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2007-5686", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WG/hQnqUufOh6/5/mlRi/Q==": { "id": "WG/hQnqUufOh6/5/mlRi/Q==", "updater": "debian/updater", "name": "CVE-2023-31439", "description": "An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31439", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WHvU12ysgz1Ai1y1KSOiLA==": { "id": "WHvU12ysgz1Ai1y1KSOiLA==", "updater": "debian/updater", "name": "CVE-2024-33599", "description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33599", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "WWnQMI7f7f75SgC9Dcl+QQ==": { "id": "WWnQMI7f7f75SgC9Dcl+QQ==", "updater": "debian/updater", "name": "TEMP-0290435-0B57B5", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WcYPrwv9PSVoVoof5MRsxQ==": { "id": "WcYPrwv9PSVoVoof5MRsxQ==", "updater": "osv/pypi", "name": "PYSEC-2023-228", "description": "", "issued": "2023-10-25T18:17:00Z", "links": "https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/ https://github.com/pypa/pip/pull/12306", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=23.3" }, "WxlxRC1KqAo8Mejv03fZGA==": { "id": "WxlxRC1KqAo8Mejv03fZGA==", "updater": "debian/updater", "name": "CVE-2025-68972", "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68972", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Xce4H7xsVfrtYV2aXED7xA==": { "id": "Xce4H7xsVfrtYV2aXED7xA==", "updater": "debian/updater", "name": "CVE-2017-18018", "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-18018", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "XtT5+z5+yMbpdsyfkLItzA==": { "id": "XtT5+z5+yMbpdsyfkLItzA==", "updater": "debian/updater", "name": "CVE-2025-6395", "description": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6395", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "Y++3+aMTeU3vX7BI4/zG6w==": { "id": "Y++3+aMTeU3vX7BI4/zG6w==", "updater": "debian/updater", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-14831", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u9" }, "Y4A2Zm5xcsipvfluZVH5fA==": { "id": "Y4A2Zm5xcsipvfluZVH5fA==", "updater": "debian/updater", "name": "CVE-2026-0861", "description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc. Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-0861", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "YXTNVVKQsWY/LFuomB715g==": { "id": "YXTNVVKQsWY/LFuomB715g==", "updater": "debian/updater", "name": "CVE-2025-13151", "description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-13151", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZbWtFXr0WyByV4kCb3M6FA==": { "id": "ZbWtFXr0WyByV4kCb3M6FA==", "updater": "debian/updater", "name": "CVE-2023-5981", "description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-5981", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u4" }, "ZdGgPSEZdeQ3XJo0+ZpAXQ==": { "id": "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "updater": "debian/updater", "name": "CVE-2019-1010023", "description": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZrZi02myDWWW0L5oPQj/cg==": { "id": "ZrZi02myDWWW0L5oPQj/cg==", "updater": "debian/updater", "name": "CVE-2017-11164", "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-11164", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZxTVeoHgmvhWXsV+xLzphA==": { "id": "ZxTVeoHgmvhWXsV+xLzphA==", "updater": "debian/updater", "name": "CVE-2023-4813", "description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4813", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "aWm6E1ULjtuw0ydmFnsI4A==": { "id": "aWm6E1ULjtuw0ydmFnsI4A==", "updater": "debian/updater", "name": "CVE-2025-6297", "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6297", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "dpkg", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "afNm575eldgXY3DOGUNdqQ==": { "id": "afNm575eldgXY3DOGUNdqQ==", "updater": "debian/updater", "name": "CVE-2026-28388", "description": "Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application. When CRL processing and delta CRL processing is enabled during X.509 certificate verification, the delta CRL processing does not check whether the CRL Number extension is NULL before dereferencing it. When a malformed delta CRL file is being processed, this parameter can be NULL, causing a NULL pointer dereference. Exploiting this issue requires the X509_V_FLAG_USE_DELTAS flag to be enabled in the verification context, the certificate being verified to contain a freshestCRL extension or the base CRL to have the EXFLAG_FRESHEST flag set, and an attacker to provide a malformed CRL to an application that processes it. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28388", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "aqMHDRnPT+3QNU/8tSwsog==": { "id": "aqMHDRnPT+3QNU/8tSwsog==", "updater": "debian/updater", "name": "CVE-2019-9192", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-9192", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "b2D8D2g8yPwuRhswdqF0Rw==": { "id": "b2D8D2g8yPwuRhswdqF0Rw==", "updater": "debian/updater", "name": "CVE-2023-3446", "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-3446", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1v-0~deb11u1" }, "bBymk1eoEM+tVYB+/Crz+g==": { "id": "bBymk1eoEM+tVYB+/Crz+g==", "updater": "debian/updater", "name": "CVE-2024-28835", "description": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28835", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u6" }, "bNvH54V1y9cXsGaCXVwFVw==": { "id": "bNvH54V1y9cXsGaCXVwFVw==", "updater": "osv/pypi", "name": "GHSA-5rjg-fvgr-3xxf", "description": "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "issued": "2025-05-19T16:52:43Z", "links": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html", "severity": "HIGH", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=78.1.1" }, "bX7iB3AnaRh9Z+itWa3Xyw==": { "id": "bX7iB3AnaRh9Z+itWa3Xyw==", "updater": "debian/updater", "name": "CVE-2026-31789", "description": "Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-31789", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "bZ2m6J3EIvmTdjYJprlOKA==": { "id": "bZ2m6J3EIvmTdjYJprlOKA==", "updater": "debian/updater", "name": "CVE-2021-36085", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36085", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "bjAyJcmSN59FnAeiA6RMIg==": { "id": "bjAyJcmSN59FnAeiA6RMIg==", "updater": "debian/updater", "name": "CVE-2026-28389", "description": "Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyAgreeRecipientInfo is processed, the optional parameters field of KeyEncryptionAlgorithmIdentifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28389", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "brAAPyN4siIQT5bxa9xu4g==": { "id": "brAAPyN4siIQT5bxa9xu4g==", "updater": "debian/updater", "name": "CVE-2023-47038", "description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-47038", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u3" }, "c9VxNhSZmjnQmY3rI/q1PA==": { "id": "c9VxNhSZmjnQmY3rI/q1PA==", "updater": "debian/updater", "name": "CVE-2025-15281", "description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-15281", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "cHpKoxiUOXPYUJX1ihMLDg==": { "id": "cHpKoxiUOXPYUJX1ihMLDg==", "updater": "debian/updater", "name": "CVE-2018-5709", "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-5709", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "cZD87tDO2q60EFy3BAZ33g==": { "id": "cZD87tDO2q60EFy3BAZ33g==", "updater": "debian/updater", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0464", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "ce9B0jxjyNiCfG4VtZhnVw==": { "id": "ce9B0jxjyNiCfG4VtZhnVw==", "updater": "debian/updater", "name": "CVE-2011-4116", "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-4116", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "d1D8ilhRqv7A6eAzRE4Ojw==": { "id": "d1D8ilhRqv7A6eAzRE4Ojw==", "updater": "debian/updater", "name": "CVE-2023-29491", "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-29491", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "6.2+20201114-2+deb11u2" }, "dFbvYO8avXWxbjXnm5ACqQ==": { "id": "dFbvYO8avXWxbjXnm5ACqQ==", "updater": "debian/updater", "name": "CVE-2023-36054", "description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-36054", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u4" }, "dUTZP+bcDNUqytJV02E1dQ==": { "id": "dUTZP+bcDNUqytJV02E1dQ==", "updater": "debian/updater", "name": "CVE-2025-6965", "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6965", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "dZ/H1sYv9QSX9VO93tlGLw==": { "id": "dZ/H1sYv9QSX9VO93tlGLw==", "updater": "osv/pypi", "name": "GHSA-4xh5-x5gv-qwph", "description": "pip's fallback tar extraction doesn't check symbolic links point to extraction directory", "issued": "2025-09-24T15:31:14Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2025-8869 https://github.com/pypa/pip/pull/13550 https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a https://github.com/pypa/pip https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN https://pip.pypa.io/en/stable/news/#v25-2", "severity": "MODERATE", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.3" }, "eietxU2AL+GdeSQwh6n6XA==": { "id": "eietxU2AL+GdeSQwh6n6XA==", "updater": "debian/updater", "name": "CVE-2023-0215", "description": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0215", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "epkSU4TSX3BVrueh1mbRzg==": { "id": "epkSU4TSX3BVrueh1mbRzg==", "updater": "debian/updater", "name": "CVE-2024-13176", "description": "Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would require either local access to the signing application or a very fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This can happen with significant probability only for some of the supported elliptic curves. In particular the NIST P-521 curve is affected. To be able to measure this leak, the attacker process must either be located in the same physical computer or must have a very fast network connection with low latency. For that reason the severity of this vulnerability is Low. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-13176", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u3" }, "f6s0c0I4Eo7U1vb/8R9ATg==": { "id": "f6s0c0I4Eo7U1vb/8R9ATg==", "updater": "debian/updater", "name": "CVE-2025-6020", "description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6020", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.4.0-9+deb11u2" }, "fUdim7gaWpwZtynNz5GiKg==": { "id": "fUdim7gaWpwZtynNz5GiKg==", "updater": "debian/updater", "name": "CVE-2023-0361", "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0361", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u3" }, "fXJD4KsFmfzjgWJPYHqTrQ==": { "id": "fXJD4KsFmfzjgWJPYHqTrQ==", "updater": "debian/updater", "name": "CVE-2019-8457", "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-8457", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "db5.3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "fharKhY7OXyx+gXJAwiegw==": { "id": "fharKhY7OXyx+gXJAwiegw==", "updater": "debian/updater", "name": "CVE-2025-29088", "description": "In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-29088", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "fkr6aZMLVO7g6mTdU91lcg==": { "id": "fkr6aZMLVO7g6mTdU91lcg==", "updater": "debian/updater", "name": "CVE-2026-3184", "description": "A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-3184", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "g44foSnimIkShQZtpEhjbQ==": { "id": "g44foSnimIkShQZtpEhjbQ==", "updater": "debian/updater", "name": "CVE-2011-3389", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-3389", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "g9KEtrzigl5TCrpvLCQU5A==": { "id": "g9KEtrzigl5TCrpvLCQU5A==", "updater": "debian/updater", "name": "CVE-2025-69419", "description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69419", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "gMRlXKqXSfP5n8UiPW430Q==": { "id": "gMRlXKqXSfP5n8UiPW430Q==", "updater": "debian/updater", "name": "CVE-2024-33602", "description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33602", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "h35IL7k4erNtmTSolINnjA==": { "id": "h35IL7k4erNtmTSolINnjA==", "updater": "osv/pypi", "name": "ECHO-7db2-03aa-5591", "description": "", "issued": "2026-02-03T08:35:22Z", "links": "https://advisory.echohq.com/cve/CVE-2026-1703", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.2%2Becho.1" }, "h7Lhy275V3QLvnBLGAulbw==": { "id": "h7Lhy275V3QLvnBLGAulbw==", "updater": "osv/pypi", "name": "PYSEC-2023-62", "description": "", "issued": "2023-05-02T18:15:00Z", "links": "https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=2.2.5" }, "hb+m0qlWxENYdrb1R811qA==": { "id": "hb+m0qlWxENYdrb1R811qA==", "updater": "debian/updater", "name": "CVE-2026-32776", "description": "libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32776", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "jJNc2KwFwVg03DlaNN1nbA==": { "id": "jJNc2KwFwVg03DlaNN1nbA==", "updater": "debian/updater", "name": "CVE-2023-4806", "description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4806", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "jS/WQ+ua63nFUvjSzoQw1g==": { "id": "jS/WQ+ua63nFUvjSzoQw1g==", "updater": "debian/updater", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2236", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "k6VTDL+fxGnbqAk/IPGlnQ==": { "id": "k6VTDL+fxGnbqAk/IPGlnQ==", "updater": "debian/updater", "name": "CVE-2023-29383", "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-29383", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1:4.8.1-1+deb11u1" }, "k6fjQGJuJ+9NXMFLa5+CgA==": { "id": "k6fjQGJuJ+9NXMFLa5+CgA==", "updater": "debian/updater", "name": "CVE-2016-2781", "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2016-2781", "severity": "low", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "k82HOcJqNkts86KJ0glvow==": { "id": "k82HOcJqNkts86KJ0glvow==", "updater": "debian/updater", "name": "CVE-2023-31484", "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31484", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u4" }, "kgqUyyy6Fd5CUNREC3t1jg==": { "id": "kgqUyyy6Fd5CUNREC3t1jg==", "updater": "debian/updater", "name": "CVE-2025-32988", "description": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-32988", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "khiBNMMi17UID6UagXI8LA==": { "id": "khiBNMMi17UID6UagXI8LA==", "updater": "debian/updater", "name": "CVE-2021-36086", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36086", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "kwKUYCnvi/GndNgicLw/RQ==": { "id": "kwKUYCnvi/GndNgicLw/RQ==", "updater": "debian/updater", "name": "CVE-2023-0466", "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0466", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "kwonOUycdcBenNhjZ1b//Q==": { "id": "kwonOUycdcBenNhjZ1b//Q==", "updater": "osv/pypi", "name": "GHSA-68rp-wp8r-4726", "description": "Flask session does not add `Vary: Cookie` header when accessed in some ways", "issued": "2026-02-19T20:45:41Z", "links": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726 https://nvd.nist.gov/vuln/detail/CVE-2026-27205 https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4 https://github.com/pallets/flask https://github.com/pallets/flask/releases/tag/3.1.3", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=3.1.3" }, "l6iyFrb04z9eZxh35gAtVA==": { "id": "l6iyFrb04z9eZxh35gAtVA==", "updater": "debian/updater", "name": "CVE-2025-0395", "description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-0395", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u12" }, "l8HSGkC4gSxCEUDns7KKfQ==": { "id": "l8HSGkC4gSxCEUDns7KKfQ==", "updater": "debian/updater", "name": "CVE-2011-3374", "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-3374", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "apt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "lAYsMZ/1tV9arAE2k+zsAQ==": { "id": "lAYsMZ/1tV9arAE2k+zsAQ==", "updater": "debian/updater", "name": "CVE-2023-31437", "description": "An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31437", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "lShmgiPGgmUIO0VwzhSBRA==": { "id": "lShmgiPGgmUIO0VwzhSBRA==", "updater": "debian/updater", "name": "CVE-2023-2650", "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-2650", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "lnMcIzRPoETIbrbgdDGINA==": { "id": "lnMcIzRPoETIbrbgdDGINA==", "updater": "debian/updater", "name": "CVE-2021-46848", "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-46848", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "4.16.0-2+deb11u1" }, "m619DfZfUke+jaTAnoZ2Xw==": { "id": "m619DfZfUke+jaTAnoZ2Xw==", "updater": "debian/updater", "name": "CVE-2023-7008", "description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-7008", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "m8d/cgBRVljmHKGy6mUUXw==": { "id": "m8d/cgBRVljmHKGy6mUUXw==", "updater": "debian/updater", "name": "CVE-2025-40909", "description": "Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-40909", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u5" }, "mJA9Uto8Hh0tElNp2qoYaA==": { "id": "mJA9Uto8Hh0tElNp2qoYaA==", "updater": "debian/updater", "name": "CVE-2017-7245", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-7245", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "meQYB1JR+XE3En/RrDfPvA==": { "id": "meQYB1JR+XE3En/RrDfPvA==", "updater": "debian/updater", "name": "CVE-2022-4415", "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4415", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u2" }, "mj6UKCnVoHnC6YBWJGf/Ug==": { "id": "mj6UKCnVoHnC6YBWJGf/Ug==", "updater": "osv/pypi", "name": "GHSA-mq26-g339-26xf", "description": "Command Injection in pip when used with Mercurial", "issued": "2023-10-25T18:32:26Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2023-5752 https://github.com/pypa/pip/pull/12306 https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4 https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml https://github.com/pypa/pip https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=23.3" }, "mnGTl6DWEAI0reOCEqb0jw==": { "id": "mnGTl6DWEAI0reOCEqb0jw==", "updater": "debian/updater", "name": "CVE-2022-0563", "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-0563", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "n+1p0npJfBZ4vUpG1OFi6w==": { "id": "n+1p0npJfBZ4vUpG1OFi6w==", "updater": "debian/updater", "name": "CVE-2023-50868", "description": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50868", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "nApP7wP3SU/Fk79xF589WA==": { "id": "nApP7wP3SU/Fk79xF589WA==", "updater": "debian/updater", "name": "CVE-2026-40226", "description": "In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40226", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "o75dmeL6883s7llfbkU+PA==": { "id": "o75dmeL6883s7llfbkU+PA==", "updater": "debian/updater", "name": "CVE-2024-45490", "description": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45490", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "oeIf5WAd0bERBmJCeLsqIg==": { "id": "oeIf5WAd0bERBmJCeLsqIg==", "updater": "debian/updater", "name": "CVE-2017-7246", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-7246", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "pa+2016jZIT5xycgFHsAsQ==": { "id": "pa+2016jZIT5xycgFHsAsQ==", "updater": "debian/updater", "name": "CVE-2018-20796", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-20796", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "pmcR65l6CQ+6Qdh99gUtFQ==": { "id": "pmcR65l6CQ+6Qdh99gUtFQ==", "updater": "debian/updater", "name": "CVE-2023-52425", "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-52425", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "pu8XvxoOXeKAI0tvpRRucg==": { "id": "pu8XvxoOXeKAI0tvpRRucg==", "updater": "debian/updater", "name": "CVE-2023-5678", "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-5678", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "qDLWFSo6NpfxWPhSeAS8zQ==": { "id": "qDLWFSo6NpfxWPhSeAS8zQ==", "updater": "debian/updater", "name": "CVE-2024-28834", "description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28834", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u6" }, "qICU5RK5Z4CLAC7/kEZ48Q==": { "id": "qICU5RK5Z4CLAC7/kEZ48Q==", "updater": "debian/updater", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-14104", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "qhu8cH6U47vSCL4GXDHHtA==": { "id": "qhu8cH6U47vSCL4GXDHHtA==", "updater": "debian/updater", "name": "CVE-2023-4641", "description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4641", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1:4.8.1-1+deb11u1" }, "qx22MhFBEwd9c5PrW7vjKw==": { "id": "qx22MhFBEwd9c5PrW7vjKw==", "updater": "debian/updater", "name": "CVE-2025-69720", "description": "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69720", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "s55QOTlka9E4jTdGv0d/FA==": { "id": "s55QOTlka9E4jTdGv0d/FA==", "updater": "debian/updater", "name": "CVE-2025-4802", "description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-4802", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u13" }, "srcIw8ffB6famHHqmqImEw==": { "id": "srcIw8ffB6famHHqmqImEw==", "updater": "debian/updater", "name": "CVE-2023-3817", "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-3817", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1v-0~deb11u1" }, "svo9ZP0wOZ7IXZp//n2f7g==": { "id": "svo9ZP0wOZ7IXZp//n2f7g==", "updater": "osv/pypi", "name": "GHSA-m2qf-hxjv-5gpq", "description": "Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header", "issued": "2023-05-01T19:22:20Z", "links": "https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://nvd.nist.gov/vuln/detail/CVE-2023-30861 https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965 https://github.com/pallets/flask https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pypa/advisory-database/tree/main/vulns/flask/PYSEC-2023-62.yaml https://lists.debian.org/debian-lts-announce/2023/08/msg00024.html https://security.netapp.com/advisory/ntap-20230818-0006 https://www.debian.org/security/2023/dsa-5442", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=2.2.5" }, "swQXHeTg1VEUQHser/6eEQ==": { "id": "swQXHeTg1VEUQHser/6eEQ==", "updater": "debian/updater", "name": "CVE-2023-50387", "description": "Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50387", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "t3CEDp5fZQ6D+aOizMiuSg==": { "id": "t3CEDp5fZQ6D+aOizMiuSg==", "updater": "debian/updater", "name": "CVE-2023-0286", "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0286", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "tBbOIOCaKVlwik7hH/baMQ==": { "id": "tBbOIOCaKVlwik7hH/baMQ==", "updater": "debian/updater", "name": "CVE-2021-45346", "description": "A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-45346", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "tjx9raP+v/Zzj6SBJct3WA==": { "id": "tjx9raP+v/Zzj6SBJct3WA==", "updater": "debian/updater", "name": "CVE-2023-7104", "description": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-7104", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.34.1-3+deb11u1" }, "tne7uZ2E+Ev6QI7ctt3PxA==": { "id": "tne7uZ2E+Ev6QI7ctt3PxA==", "updater": "debian/updater", "name": "CVE-2024-33600", "description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33600", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "u+ya+p/mAtLPAYAgbSPTTw==": { "id": "u+ya+p/mAtLPAYAgbSPTTw==", "updater": "debian/updater", "name": "CVE-2022-41409", "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-41409", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "u4BvRhFacDxQuC7pVeExQg==": { "id": "u4BvRhFacDxQuC7pVeExQg==", "updater": "debian/updater", "name": "CVE-2026-27456", "description": "util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-27456", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uEg5UAxE9NNjF71OxdO7uQ==": { "id": "uEg5UAxE9NNjF71OxdO7uQ==", "updater": "debian/updater", "name": "CVE-2017-16231", "description": "In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-16231", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uTSYWROavw8Bf2n+4djlMg==": { "id": "uTSYWROavw8Bf2n+4djlMg==", "updater": "debian/updater", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-4598", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u7" }, "ugZgSJOxFzPCX6LQaJzM3A==": { "id": "ugZgSJOxFzPCX6LQaJzM3A==", "updater": "debian/updater", "name": "CVE-2024-5535", "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-5535", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "uspznaGFEzt4cX0xZ36sYw==": { "id": "uspznaGFEzt4cX0xZ36sYw==", "updater": "debian/updater", "name": "CVE-2026-28390", "description": "Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyTransportRecipientInfo with RSA-OAEP encryption is processed, the optional parameters field of RSA-OAEP SourceFunc algorithm identifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28390", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uwoSIcSlln9YRd7N1Kc3KQ==": { "id": "uwoSIcSlln9YRd7N1Kc3KQ==", "updater": "debian/updater", "name": "CVE-2026-40228", "description": "In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a \"logger -p emerg\" command is executed, if ForwardToWall=yes is set.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40228", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "vcYYj1nbYwczzoLG255iZQ==": { "id": "vcYYj1nbYwczzoLG255iZQ==", "updater": "debian/updater", "name": "CVE-2023-4039", "description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4039", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gcc-9", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "vmet9boOEsf+RUsh5rJnEw==": { "id": "vmet9boOEsf+RUsh5rJnEw==", "updater": "debian/updater", "name": "CVE-2024-4741", "description": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications. The SSL_free_buffers function is used to free the internal OpenSSL buffer used when processing an incoming record from the network. The call is only expected to succeed if the buffer is not currently in use. However, two scenarios have been identified where the buffer is freed even when still in use. The first scenario occurs where a record header has been received from the network and processed by OpenSSL, but the full record body has not yet arrived. In this case calling SSL_free_buffers will succeed even though a record has only been partially processed and the buffer is still in use. The second scenario occurs where a full record containing application data has been received and processed by OpenSSL but the application has only read part of this data. Again a call to SSL_free_buffers will succeed even though the buffer is still in use. While these scenarios could occur accidentally during normal operation a malicious attacker could attempt to engineer a stituation where this occurs. We are not aware of this issue being actively exploited. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-4741", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "w4Wr213OT8TRxlHAy3MwPQ==": { "id": "w4Wr213OT8TRxlHAy3MwPQ==", "updater": "debian/updater", "name": "CVE-2010-4756", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2010-4756", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "wFMwqYmfC1KjDKz8vyBr4A==": { "id": "wFMwqYmfC1KjDKz8vyBr4A==", "updater": "debian/updater", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4911", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u7" }, "wzv81XuYHOFtlrLHaamjZg==": { "id": "wzv81XuYHOFtlrLHaamjZg==", "updater": "debian/updater", "name": "CVE-2024-37371", "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-37371", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u5" }, "x3SWTcEL2lgEvouAhmt6fQ==": { "id": "x3SWTcEL2lgEvouAhmt6fQ==", "updater": "debian/updater", "name": "CVE-2025-27587", "description": "OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-27587", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "xZI5XEFq7Cuk3Mu3KyTdmg==": { "id": "xZI5XEFq7Cuk3Mu3KyTdmg==", "updater": "debian/updater", "name": "CVE-2024-56433", "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-56433", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "y2mOh8WlJTCvA6wlULAyvA==": { "id": "y2mOh8WlJTCvA6wlULAyvA==", "updater": "debian/updater", "name": "CVE-2025-68973", "description": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68973", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.27-2+deb11u3" }, "ySGl3ADUS8EeTeweiO86Aw==": { "id": "ySGl3ADUS8EeTeweiO86Aw==", "updater": "debian/updater", "name": "CVE-2024-9143", "description": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we're aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2^m)) curves that can't represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2^m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-9143", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "yyExMMKc3SPW2jNE01wTug==": { "id": "yyExMMKc3SPW2jNE01wTug==", "updater": "debian/updater", "name": "CVE-2026-22795", "description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-22795", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "yyhzQNC9UPFT5NwvhGsvqg==": { "id": "yyhzQNC9UPFT5NwvhGsvqg==", "updater": "debian/updater", "name": "CVE-2022-2097", "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-2097", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "zL8eGifGE7B+wAjTOBjRgQ==": { "id": "zL8eGifGE7B+wAjTOBjRgQ==", "updater": "debian/updater", "name": "CVE-2022-29458", "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-29458", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "6.2+20201114-2+deb11u1" }, "ziMZexwNoFxp4mgVOJVBNQ==": { "id": "ziMZexwNoFxp4mgVOJVBNQ==", "updater": "debian/updater", "name": "CVE-2025-69421", "description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69421", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" } }, "package_vulnerabilities": { "+ol9cHiNc+RWiD7Kw3TLCg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "0jMyX7UCIuSpntMN1r7Ofg==": [ "KwgIGMm765S+zvIBAwM9+g==" ], "2MObxiEVNllmUEzdVZM5qw==": [ "l8HSGkC4gSxCEUDns7KKfQ==" ], "3f992oeEQfSQxRA0nlq8Wg==": [ "DfxJWBpJUY1aHu0ZUSilDg==", "U3JbUhrT2SqWNuYU5d13cQ==", "jS/WQ+ua63nFUvjSzoQw1g==" ], "4jCPzhS6OWt4agz9d/cfTw==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "7a3yla6TRFZrhmAreU7f8Q==": [ "IvA5abshk33BAuuBar/pVQ==", "BtqRPc7F47wJWygPNOxw1w==", "6jg3v7lJ92IZCQpZydR2sA==", "o75dmeL6883s7llfbkU+PA==", "IJPGr43VMeLym6tW3EWgdg==", "DS2nhayHHtinLlFzZheSwg==", "5Cmp5KJXv+nVwwcs5/Kz7w==", "hb+m0qlWxENYdrb1R811qA==", "9ThuL3zLKpmduvKpiDZ60w==", "UdV1OleGh/0MAkug0ZAlcQ==", "pmcR65l6CQ+6Qdh99gUtFQ==", "/7UJLAHsMPxTtTxvuPgrzA==", "DkvPjH9ZM3anH55rsU+i3w==", "Ud6njM/DPIrfSPiFct82Lw==", "5+uzHCKkmvMK8jl2uJkFqQ==", "KZ3Jt7zkiM272dGLstI4XA==", "MdrEi+/OrLlW3zDrheID2Q==" ], "8alfBYUr5uWbAyB5PrY8Hg==": [ "uTSYWROavw8Bf2n+4djlMg==", "5rGwN3bKZLMvxcM/W4jj+A==", "ASrdm9EROwWp9Ip2w7HH5w==", "lAYsMZ/1tV9arAE2k+zsAQ==", "uwoSIcSlln9YRd7N1Kc3KQ==", "m619DfZfUke+jaTAnoZ2Xw==", "WG/hQnqUufOh6/5/mlRi/Q==", "swQXHeTg1VEUQHser/6eEQ==", "nApP7wP3SU/Fk79xF589WA==", "U5598afGvRaltva6Rjqnug==", "n+1p0npJfBZ4vUpG1OFi6w==", "1dwwvWkARnFe67yAAGVglQ==", "0q/btA3zBEGWWmFxU7cNig==", "meQYB1JR+XE3En/RrDfPvA==", "GRlufCZFwHNK64OQNCFIcg==", "+x9OyXfXk9PrekfsnPKwlg==" ], "Akbft1KN+9FKNhh1tM25eA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "BJL42acLPAR8bEnmM1Z3mg==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "CBzoMmlXBcyP54HOnauO0g==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "D0G6c/ML9XX4eoGHgx1jeQ==": [ "9JIazCQjSvYhpG9KE6d7Pg==", "ZxTVeoHgmvhWXsV+xLzphA==", "WHvU12ysgz1Ai1y1KSOiLA==", "DJOf0vCfrT4GvRr/tBJhbg==", "Y4A2Zm5xcsipvfluZVH5fA==", "GezxxUl3QPWUTitg/VHmlQ==", "jJNc2KwFwVg03DlaNN1nbA==", "w4Wr213OT8TRxlHAy3MwPQ==", "tne7uZ2E+Ev6QI7ctt3PxA==", "pa+2016jZIT5xycgFHsAsQ==", "l6iyFrb04z9eZxh35gAtVA==", "gMRlXKqXSfP5n8UiPW430Q==", "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "IwuADin5bagOGQErETBgWw==", "CfS0L/tTata7W0FXXtQ4EQ==", "MYYkxlB4Ank1zsdIh41apg==", "c9VxNhSZmjnQmY3rI/q1PA==", "s55QOTlka9E4jTdGv0d/FA==", "OTqcMsspao5I6JZMETZ06w==", "ELw1b1vO2YOtV7qNQijgCw==", "aqMHDRnPT+3QNU/8tSwsog==", "T2SiDOPpMK0bU0Y0qkOm1A==", "wFMwqYmfC1KjDKz8vyBr4A==", "/YwO4YLRGgF2uWU55V6+MQ==" ], "DtMxcnDA8Je9vAHjmzagaA==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "ExYxXcgoIRjAjUObwDE4jA==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "FJIijlwFNqvdoVBcfTF/pg==": [ "WCGqond4znYKCRcm4xyPrg==", "CtYegggqGbMfg16G/qfITQ==", "qhu8cH6U47vSCL4GXDHHtA==", "xZI5XEFq7Cuk3Mu3KyTdmg==", "LD4zPH3rZZkbSPN5ojHClA==", "k6VTDL+fxGnbqAk/IPGlnQ==" ], "G/7q+D+DsqYAVnohcyuzgQ==": [ "yyhzQNC9UPFT5NwvhGsvqg==", "ugZgSJOxFzPCX6LQaJzM3A==", "g9KEtrzigl5TCrpvLCQU5A==", "lShmgiPGgmUIO0VwzhSBRA==", "pu8XvxoOXeKAI0tvpRRucg==", "+N61/5529gFt7RkD8ooeKQ==", "Mmh4dm/jzK4QVSJqQVsCDw==", "vmet9boOEsf+RUsh5rJnEw==", "ziMZexwNoFxp4mgVOJVBNQ==", "t3CEDp5fZQ6D+aOizMiuSg==", "P4mYk7npVU6t91mlbAb8QA==", "eietxU2AL+GdeSQwh6n6XA==", "kwKUYCnvi/GndNgicLw/RQ==", "Mnnh2CmlXNNRCBXvqdG9ig==", "3Z3QMUqCN4dQV+f8cjn1eA==", "QEROZuK4q+zt8UbP6ZV8wg==", "ySGl3ADUS8EeTeweiO86Aw==", "uspznaGFEzt4cX0xZ36sYw==", "KLrAiYCJHdmWQ2RaqUywlA==", "Tcuyjettc5LT9G5wj3mSxw==", "afNm575eldgXY3DOGUNdqQ==", "epkSU4TSX3BVrueh1mbRzg==", "EajCJi704nU1+LqESNMC1w==", "b2D8D2g8yPwuRhswdqF0Rw==", "3QDeWfKuntq5YxjjCuZXRQ==", "bX7iB3AnaRh9Z+itWa3Xyw==", "srcIw8ffB6famHHqmqImEw==", "yyExMMKc3SPW2jNE01wTug==", "cZD87tDO2q60EFy3BAZ33g==", "x3SWTcEL2lgEvouAhmt6fQ==", "GmBi7n85v8sX6ItoMSgvlQ==", "bjAyJcmSN59FnAeiA6RMIg==" ], "Gm6VA87iOnaQ0rWR6oO9eA==": [ "u+ya+p/mAtLPAYAgbSPTTw==" ], "IQfQp74RcAWE7jHtQsMLHg==": [ "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "LOfpAnA/2f7zE4SFJCrxVg==": [ "5OqCQlhu6kV+tAsgGEGuwQ==", "Mxv06g47iCk7QIqi7Xbojw==" ], "MvKvHHnD0jaLaWpyHvkhgQ==": [ "WCGqond4znYKCRcm4xyPrg==", "CtYegggqGbMfg16G/qfITQ==", "qhu8cH6U47vSCL4GXDHHtA==", "xZI5XEFq7Cuk3Mu3KyTdmg==", "LD4zPH3rZZkbSPN5ojHClA==", "k6VTDL+fxGnbqAk/IPGlnQ==" ], "NzkVb7F31E+Vxxz3PCS6tg==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "PgPY5hWnihXRN45byvzY0g==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "R1TkRM71ql+JWgz0VF5ESQ==": [ "1U/zi3CEao+52y8LKU0uvw==", "bZ2m6J3EIvmTdjYJprlOKA==", "khiBNMMi17UID6UagXI8LA==", "CaLsKNvkpKlxKVBlUnje9Q==" ], "RAMuXEdVU4AJ/z4aiK/NNg==": [ "bNvH54V1y9cXsGaCXVwFVw==", "QGq5D5QwQKPerzYOBVoSsg==", "Jl0PQIP9L3ufSvQ2j71iww==", "Qd2XnJZ3qaQ3AbyDXUaR2A==", "Pj9V3uC2c9o+P6lTpzzGeA==" ], "RYsqO4ROpGMzzCO5WaTrlw==": [ "aWm6E1ULjtuw0ydmFnsI4A==" ], "RgdwX+VC70nXZ2E527PXaA==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "VbNyM3GfR5vEmJdFAiKqrA==": [ "vcYYj1nbYwczzoLG255iZQ==" ], "Wi4oa03apqVdR6okNeZiNA==": [ "KaoEuixR8E5nnpGZ1pG25w==", "kgqUyyy6Fd5CUNREC3t1jg==", "SNR1VT02i1HBHxqGRTeBAQ==", "9sNDKQtqg7Z3gJr//JQlvg==", "HuTBrVHKx7uaMtQjiqifKQ==", "3cBlPR7Tm4BIC/+wflldAg==", "bBymk1eoEM+tVYB+/Crz+g==", "ZbWtFXr0WyByV4kCb3M6FA==", "XtT5+z5+yMbpdsyfkLItzA==", "Y++3+aMTeU3vX7BI4/zG6w==", "fUdim7gaWpwZtynNz5GiKg==", "qDLWFSo6NpfxWPhSeAS8zQ==", "g44foSnimIkShQZtpEhjbQ==" ], "ZWeYh81MRCu1nh3mOyptIA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "bGWj1aSf0wvrecU/pdTv5A==": [ "08pa4udz9bnA9IOsE208DA==" ], "bHkSxcl6e1quNxLGb6uX8A==": [ "QopvyNp/5Ata9NdAUhFygw==", "k6fjQGJuJ+9NXMFLa5+CgA==", "Xce4H7xsVfrtYV2aXED7xA==" ], "bTSLWiizipO2axtmvXFuVg==": [ "YXTNVVKQsWY/LFuomB715g==", "lnMcIzRPoETIbrbgdDGINA==", "6j23t/n6B77cQMxfCeLKzA==" ], "brvvAQ6V7yp7QbUuk+W5Hg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "d4b/e0nx+/vPWuPB7oDzPw==": [ "9JIazCQjSvYhpG9KE6d7Pg==", "ZxTVeoHgmvhWXsV+xLzphA==", "WHvU12ysgz1Ai1y1KSOiLA==", "DJOf0vCfrT4GvRr/tBJhbg==", "Y4A2Zm5xcsipvfluZVH5fA==", "GezxxUl3QPWUTitg/VHmlQ==", "jJNc2KwFwVg03DlaNN1nbA==", "w4Wr213OT8TRxlHAy3MwPQ==", "tne7uZ2E+Ev6QI7ctt3PxA==", "pa+2016jZIT5xycgFHsAsQ==", "l6iyFrb04z9eZxh35gAtVA==", "gMRlXKqXSfP5n8UiPW430Q==", "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "IwuADin5bagOGQErETBgWw==", "CfS0L/tTata7W0FXXtQ4EQ==", "MYYkxlB4Ank1zsdIh41apg==", "c9VxNhSZmjnQmY3rI/q1PA==", "s55QOTlka9E4jTdGv0d/FA==", "OTqcMsspao5I6JZMETZ06w==", "ELw1b1vO2YOtV7qNQijgCw==", "aqMHDRnPT+3QNU/8tSwsog==", "T2SiDOPpMK0bU0Y0qkOm1A==", "wFMwqYmfC1KjDKz8vyBr4A==", "/YwO4YLRGgF2uWU55V6+MQ==" ], "dUT53gagQO5Ac9Bdlu5dAw==": [ "NYWveHKKsIYIKl+vE8UEhw==" ], "dXglURzzdbLnOf14mab1Hg==": [ "EYo03ICovWfCjw2cKpwx4Q==", "VzolVkOS5HseGzVTLzDMfA==", "9xk1p07t4ZV999E3HyfhVA==", "27BVJE6xR0Z84LzifDnFYA==", "WWnQMI7f7f75SgC9Dcl+QQ==" ], "dobmrwm7aq9puvFHwNgXxw==": [ "08pa4udz9bnA9IOsE208DA==" ], "dv3AlW8tBL4D0mEPW7/Z2Q==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "eF2QIdrTmJlWmjQTkhntow==": [ "5IA1PesIyj05J2Yx0YB4tQ==" ], "elSR7m8uLWd/kMl2jxTm/A==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "evNF5YpSAxyFV7iWv3lSVw==": [ "yyhzQNC9UPFT5NwvhGsvqg==", "ugZgSJOxFzPCX6LQaJzM3A==", "g9KEtrzigl5TCrpvLCQU5A==", "lShmgiPGgmUIO0VwzhSBRA==", "pu8XvxoOXeKAI0tvpRRucg==", "+N61/5529gFt7RkD8ooeKQ==", "Mmh4dm/jzK4QVSJqQVsCDw==", "vmet9boOEsf+RUsh5rJnEw==", "ziMZexwNoFxp4mgVOJVBNQ==", "t3CEDp5fZQ6D+aOizMiuSg==", "P4mYk7npVU6t91mlbAb8QA==", "eietxU2AL+GdeSQwh6n6XA==", "kwKUYCnvi/GndNgicLw/RQ==", "Mnnh2CmlXNNRCBXvqdG9ig==", "3Z3QMUqCN4dQV+f8cjn1eA==", "QEROZuK4q+zt8UbP6ZV8wg==", "ySGl3ADUS8EeTeweiO86Aw==", "uspznaGFEzt4cX0xZ36sYw==", "KLrAiYCJHdmWQ2RaqUywlA==", "Tcuyjettc5LT9G5wj3mSxw==", "afNm575eldgXY3DOGUNdqQ==", "epkSU4TSX3BVrueh1mbRzg==", "EajCJi704nU1+LqESNMC1w==", "b2D8D2g8yPwuRhswdqF0Rw==", "3QDeWfKuntq5YxjjCuZXRQ==", "bX7iB3AnaRh9Z+itWa3Xyw==", "srcIw8ffB6famHHqmqImEw==", "yyExMMKc3SPW2jNE01wTug==", "cZD87tDO2q60EFy3BAZ33g==", "x3SWTcEL2lgEvouAhmt6fQ==", "GmBi7n85v8sX6ItoMSgvlQ==", "bjAyJcmSN59FnAeiA6RMIg==" ], "fCmdLCR2Ix0ldnZL1Fa52A==": [ "MXRm//dBCnWFem5zffvqmA==", "MDmWztEMrTY+VyVp5c+Fvw==" ], "hdNUjYIlrdEAtBWAggakAw==": [ "brAAPyN4siIQT5bxa9xu4g==", "7DtFnnE8FjIpCQKunutpeg==", "m8d/cgBRVljmHKGy6mUUXw==", "ce9B0jxjyNiCfG4VtZhnVw==", "k82HOcJqNkts86KJ0glvow==", "AvPdNumiwGnBie+lo1du3A==" ], "iWqdRZmp08/Tx22qEtmjJg==": [ "mJA9Uto8Hh0tElNp2qoYaA==", "oeIf5WAd0bERBmJCeLsqIg==", "ZrZi02myDWWW0L5oPQj/cg==", "uEg5UAxE9NNjF71OxdO7uQ==", "G45dR+E8Wb+bEhCdwuqUDg==" ], "jErhz6PtXvAy/EPWJ425rA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "jKa8Us2cqGejhOc2/n5DDA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "kq4lGEwi4agkgAJAkDs9Ng==": [ "kwonOUycdcBenNhjZ1b//Q==", "svo9ZP0wOZ7IXZp//n2f7g==", "h7Lhy275V3QLvnBLGAulbw==" ], "krch6TQqNWzRi5F/dDkF+Q==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "l5lCPjtOmPM8/LLh9+NjeQ==": [ "WxlxRC1KqAo8Mejv03fZGA==", "ANq7+l7+5U6IDt9eU02u5w==", "y2mOh8WlJTCvA6wlULAyvA==", "F0zkrLGlbsix59P9mqoAOg==" ], "lCjIskl1HulEHShaXtgmwQ==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "nwapLKtbHTjy1u8+aA0X+Q==": [ "h35IL7k4erNtmTSolINnjA==", "TN8d5UGyH2D+dtBNYjKyKg==", "dZ/H1sYv9QSX9VO93tlGLw==", "PUY4fn57nsAU2qBLtgRtdw==", "mj6UKCnVoHnC6YBWJGf/Ug==", "WcYPrwv9PSVoVoof5MRsxQ==" ], "pZoLgWqHDgjhYQPevrtwdg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "qN2BSWBeEFRJnExMNJ1S0A==": [ "fharKhY7OXyx+gXJAwiegw==", "DRKFIYYNzLumACBV1CW/rw==", "dUTZP+bcDNUqytJV02E1dQ==", "tjx9raP+v/Zzj6SBJct3WA==", "BxMnseA9J6OW2RWxSrlbyQ==", "tBbOIOCaKVlwik7hH/baMQ==", "1VnWeA5AZgybyD8+PiXyiw==" ], "qrPZzwjmppjOiQbrGk5IQA==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "s66OGd0F2Pbemhmyrg2R9w==": [ "uTSYWROavw8Bf2n+4djlMg==", "5rGwN3bKZLMvxcM/W4jj+A==", "ASrdm9EROwWp9Ip2w7HH5w==", "lAYsMZ/1tV9arAE2k+zsAQ==", "uwoSIcSlln9YRd7N1Kc3KQ==", "m619DfZfUke+jaTAnoZ2Xw==", "WG/hQnqUufOh6/5/mlRi/Q==", "swQXHeTg1VEUQHser/6eEQ==", "nApP7wP3SU/Fk79xF589WA==", "U5598afGvRaltva6Rjqnug==", "n+1p0npJfBZ4vUpG1OFi6w==", "1dwwvWkARnFe67yAAGVglQ==", "0q/btA3zBEGWWmFxU7cNig==", "meQYB1JR+XE3En/RrDfPvA==", "GRlufCZFwHNK64OQNCFIcg==", "+x9OyXfXk9PrekfsnPKwlg==" ], "tNSJ6slY9zv+TZ6de2MVDQ==": [ "B78vSIll2muNDyY3F7urzw==" ], "tYADP/V07/lE8Qno1R/hhg==": [ "08pa4udz9bnA9IOsE208DA==" ], "vqKK+x/7cGHNjLr4L7x4uQ==": [ "fXJD4KsFmfzjgWJPYHqTrQ==" ], "wkuBBC4B84P3b4K0fGF0OQ==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "yYcMjCGhY/mc+KraTEHSJg==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "zV4ikAKeqBYFSvXnkFMYgg==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "zw9OGAXs3mWkBkmfKzbfqg==": [ "l8HSGkC4gSxCEUDns7KKfQ==" ] }, "enrichments": {} } pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: test-comp-iwsw-on-pull-request-cqm7h-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 7, "warnings": [ { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: coreutils-8.32-4+b1 (CVE-2016-2781)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libexpat1-2.2.10-2+deb11u5 (CVE-2013-0340, CVE-2023-52426, CVE-2024-28757), libk5crypto3-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), passwd-1:4.8.1-1 (CVE-2007-5686, CVE-2013-4235, TEMP-0628843-DBAD28), libsystemd0-247.3-7+deb11u1 (CVE-2013-4392, CVE-2020-13529, CVE-2023-31437, CVE-2023-31438, CVE-2023-31439), gcc-9-base-9.3.0-22 (CVE-2023-4039), sysvinit-utils-2.96-7+deb11u1 (TEMP-0517018-A83CE6), libudev1-247.3-7+deb11u1 (CVE-2013-4392, CVE-2020-13529, CVE-2023-31437, CVE-2023-31438, CVE-2023-31439), tar-1.34+dfsg-1 (CVE-2005-2541, TEMP-0290435-0B57B5), libgcc-s1-10.2.1-6 (CVE-2023-4039), coreutils-8.32-4+b1 (CVE-2017-18018, CVE-2025-5278), perl-base-5.32.1-4+deb11u2 (CVE-2011-4116, CVE-2023-31486), libssl1.1-1.1.1n-0+deb11u3 (CVE-2025-27587), libblkid1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), login-1:4.8.1-1 (CVE-2007-5686, CVE-2013-4235, TEMP-0628843-DBAD28), libkrb5-3-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), apt-2.2.4 (CVE-2011-3374), libc6-2.31-13+deb11u5 (CVE-2010-4756, CVE-2018-20796, CVE-2019-1010022, CVE-2019-1010023, CVE-2019-1010024, CVE-2019-1010025, CVE-2019-9192), libgnutls30-3.7.1-5+deb11u2 (CVE-2011-3389), openssl-1.1.1n-0+deb11u3 (CVE-2025-27587), libpcre3-2:8.39-13 (CVE-2017-11164, CVE-2017-16231, CVE-2017-7245, CVE-2017-7246, CVE-2019-20838), libstdc++6-10.2.1-6 (CVE-2023-4039), gpgv-2.2.27-2+deb11u2 (CVE-2022-3219), libsmartcols1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libapt-pkg6.0-2.2.4 (CVE-2011-3374), libgssapi-krb5-2-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), libsqlite3-0-3.34.1-3 (CVE-2021-45346, CVE-2022-35737, CVE-2025-29088, CVE-2025-70873), mount-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libuuid1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libkrb5support0-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), libgcrypt20-1.8.7-6 (CVE-2018-6829, CVE-2024-2236), bash-5.1-2+deb11u1 (TEMP-0841856-B18BAF), bsdutils-1:2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), util-linux-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), gcc-10-base-10.2.1-6 (CVE-2023-4039), libpcre2-8-0-10.36-2+deb11u1 (CVE-2022-41409), libmount1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libc-bin-2.31-13+deb11u5 (CVE-2010-4756, CVE-2018-20796, CVE-2019-1010022, CVE-2019-1010023, CVE-2019-1010024, CVE-2019-1010025, CVE-2019-9192)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 89 } }, { "msg": "Found packages with unpatched unknown vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libexpat1-2.2.10-2+deb11u5 (CVE-2024-8176, CVE-2025-59375, CVE-2025-66382, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-41080), libdb5.3-5.3.28+dfsg1-0.8 (CVE-2019-8457), passwd-1:4.8.1-1 (CVE-2024-56433), libsystemd0-247.3-7+deb11u1 (CVE-2026-40228), libudev1-247.3-7+deb11u1 (CVE-2026-40228), tar-1.34+dfsg-1 (CVE-2026-5704), libzstd1-1.4.8+dfsg-2.1 (CVE-2022-4899), ncurses-bin-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libssl1.1-1.1.1n-0+deb11u3 (CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789), libblkid1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), login-1:4.8.1-1 (CVE-2024-56433), libtinfo6-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libc6-2.31-13+deb11u5 (CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437, CVE-2026-4438), openssl-1.1.1n-0+deb11u3 (CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789), libpam0g-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), libncursesw6-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libtasn1-6-4.16.0-2 (CVE-2025-13151), gpgv-2.2.27-2+deb11u2 (CVE-2025-30258, CVE-2025-68972), liblzma5-5.2.5-2.1~deb11u1 (CVE-2026-34743), zlib1g-1:1.2.11.dfsg-2+deb11u2 (CVE-2023-45853, CVE-2026-27171), libpam-modules-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), libsmartcols1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), dpkg-1.20.12 (CVE-2025-6297), libsqlite3-0-3.34.1-3 (CVE-2025-6965), mount-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libuuid1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libpam-modules-bin-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), libgcrypt20-1.8.7-6 (CVE-2021-33560), libpam-runtime-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), bash-5.1-2+deb11u1 (CVE-2022-3715), bsdutils-1:2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), util-linux-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), ncurses-base-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libmount1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libc-bin-2.31-13+deb11u5 (CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437, CVE-2026-4438)", "name": "clair_unpatched_unknown_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 88 } } ] } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":1,"low":89,"unknown":88}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e", "digests": ["sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6"]}} {"result":"SUCCESS","timestamp":"2026-04-19T13:59:07+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-comp-iwsw-on-pull-request-cqm7h-clamav-scan-pod | init container: prepare 2026/04/19 13:54:50 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-clamav-scan-pod | init container: place-scripts 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-0-ctk8n 2026/04/19 13:54:51 Decoded script /tekton/scripts/script-1-pvl4v pod: test-comp-iwsw-on-pull-request-cqm7h-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 33.479 sec (0 m 33 s) Start Date: 2026:04:19 13:55:27 End Date: 2026:04:19 13:56:01 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27975/Sat Apr 18 06:26:10 2026 Database version: 27975 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1776606961","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776606961","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776606961","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e", "digests": ["sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6"]}} pod: test-comp-iwsw-on-pull-request-cqm7h-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Uploading 1ef7a77e82c3 clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 834fcb188831 clamscan-result-amd64.log Uploaded 834fcb188831 clamscan-result-amd64.log Uploaded 1ef7a77e82c3 clamscan-ec-test-amd64.json Uploading ea7b91450426 application/vnd.oci.image.manifest.v1+json Uploaded ea7b91450426 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 Digest: sha256:ea7b914504261312c2fa2091793feae0815be51bed624741174fb149c79c5236 pod: test-comp-iwsw-on-pull-request-cqm7h-clone-repository-pod | init container: prepare 2026/04/19 13:52:44 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-clone-repository-pod | init container: place-scripts 2026/04/19 13:52:44 Decoded script /tekton/scripts/script-0-js75p 2026/04/19 13:52:44 Decoded script /tekton/scripts/script-1-t24cb pod: test-comp-iwsw-on-pull-request-cqm7h-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776606769.0220954,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606769.2501888,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-python-basic @ d2388fe1871d355bc27342e92fa9ff21797dba3e (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776606769.2502394,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606769.2793224,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision d2388fe1871d355bc27342e92fa9ff21797dba3e directly. pod: test-comp-iwsw-on-pull-request-cqm7h-clone-repository-pod | container step-symlink-check: Running symlink check pod: test-comp-iwsw-on-pull-request-cqm7h-init-pod | init container: prepare 2026/04/19 13:52:32 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-init-pod | container step-init: time="2026-04-19T13:52:34Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:34Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:34Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:34Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:34Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:34Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:34Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:34Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:34Z" level=info msg="[result] NO PROXY: " pod: test-comp-iwsw-on-pull-request-cqm7h-prefetch-dependencies-pod | init container: prepare 2026/04/19 13:52:54 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-prefetch-dependencies-pod | init container: place-scripts 2026/04/19 13:52:55 Decoded script /tekton/scripts/script-0-7jh9l pod: test-comp-iwsw-on-pull-request-cqm7h-prefetch-dependencies-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-19T13:53:01Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-19T13:53:01Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:53:01Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-19T13:53:01Z" level=info msg="[param] source-dir: /workspace/source/source" time="2026-04-19T13:53:01Z" level=info msg="[param] output-dir: /workspace/source/cachi2/output" time="2026-04-19T13:53:01Z" level=info msg="[param] sbom-format: spdx" time="2026-04-19T13:53:01Z" level=info msg="[param] mode: strict" time="2026-04-19T13:53:01Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-19T13:53:01Z" level=info msg="[param] env-files: [/workspace/source/cachi2/cachi2.env]" time="2026-04-19T13:53:01Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-19T13:53:02Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-19T13:53:02Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-19T13:53:02Z" level=debug msg="Finished prefetch-dependencies" pod: test-comp-iwsw-on-pull-request-cqm7h-push-dockerfile-pod | init container: prepare 2026/04/19 13:54:56 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-push-dockerfile-pod | init container: working-dir-initializer pod: test-comp-iwsw-on-pull-request-cqm7h-push-dockerfile-pod | container step-push: time="2026-04-19T13:55:11Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e" time="2026-04-19T13:55:11Z" level=info msg="[param] image-digest: sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6" time="2026-04-19T13:55:11Z" level=info msg="[param] containerfile: docker/Dockerfile" time="2026-04-19T13:55:11Z" level=info msg="[param] context: ." time="2026-04-19T13:55:11Z" level=info msg="[param] tag-suffix: .dockerfile" time="2026-04-19T13:55:11Z" level=info msg="[param] artifact-type: application/vnd.konflux.dockerfile" time="2026-04-19T13:55:11Z" level=info msg="[param] source: source" time="2026-04-19T13:55:11Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:55:11Z" level=info msg="[param] alternative-filename: Dockerfile" time="2026-04-19T13:55:13Z" level=info msg="oras [stdout] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:27fc36bb85db42d22d7fed5e98194399a41a12df3f5bcbd99fde66af0d475ab3" logger=CliExecutor time="2026-04-19T13:55:13Z" level=info msg="Containerfile '/workspace/workspace/source/docker/Dockerfile' is pushed to registry with tag: sha256-adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6.dockerfile" {"image_ref":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw@sha256:27fc36bb85db42d22d7fed5e98194399a41a12df3f5bcbd99fde66af0d475ab3"} pod: test-comp-iwsw-on-pull-request-cqm7h-sast-shell-check-pod | init container: prepare 2026/04/19 13:54:53 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-sast-shell-check-pod | init container: place-scripts 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-0-g7kwb 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-1-q6rhp pod: test-comp-iwsw-on-pull-request-cqm7h-sast-shell-check-pod | init container: working-dir-initializer pod: test-comp-iwsw-on-pull-request-cqm7h-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=test-comp-iwsw + echo 'INFO: The PROJECT_NAME used is: test-comp-iwsw' INFO: The PROJECT_NAME used is: test-comp-iwsw + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/workspace/workspace/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/workspace/workspace/source/. ++ realpath -m /workspace/workspace/source/. + resolved_path=/workspace/workspace/source + [[ /workspace/workspace/source == \/\w\o\r\k\s\p\a\c\e\/\w\o\r\k\s\p\a\c\e\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /workspace/workspace/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/workspace/workspace/source /workspace/workspace/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/workspace/workspace/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-106.json ./shellcheck-results/sc-116.json ./shellcheck-results/sc-118.json ./shellcheck-results/sc-122.json ./shellcheck-results/sc-73.json ./shellcheck-results/sc-76.json ./shellcheck-results/sc-77.json ./shellcheck-results/sc-79.json ./shellcheck-results/sc-83.json ./shellcheck-results/sc-84.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + TEST_OUTPUT= + parse_test_output sast-shell-check sarif shellcheck-results.sarif + TEST_NAME=sast-shell-check + TEST_RESULT_FORMAT=sarif + TEST_RESULT_FILE=shellcheck-results.sarif + '[' -z sast-shell-check ']' + '[' -z sarif ']' + '[' -z shellcheck-results.sarif ']' + '[' '!' -f shellcheck-results.sarif ']' + '[' sarif = sarif ']' +++ jq -rce '(if (.runs[].results | length > 0) then "FAILURE" else "SUCCESS" end)' shellcheck-results.sarif +++ jq -rce '(.runs[].results | length)' shellcheck-results.sarif ++ make_result_json -r SUCCESS -f 0 ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ FAILURES=0 ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:56:50+00:00 --arg result SUCCESS --arg note 'For details, check Tekton task log.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ jq .failures + '[' 0 -gt 0 ']' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: test-comp-iwsw-on-pull-request-cqm7h-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 3b606a9dd3a1 shellcheck-results.sarif Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 99a747d3915b application/vnd.oci.image.manifest.v1+json Uploaded 99a747d3915b application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 Digest: sha256:99a747d3915b04b7c75ac4300bb422e0ec0cc53b18d90b27f6a093971f5d66a5 No excluded-findings.json exists. Skipping upload. pod: test-comp-iwsw-on-pull-request-cqm7h-sast-snyk-check-pod | init container: prepare 2026/04/19 13:54:53 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-sast-snyk-check-pod | init container: place-scripts 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-0-mgtgm 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-1-8swlg pod: test-comp-iwsw-on-pull-request-cqm7h-sast-snyk-check-pod | init container: working-dir-initializer pod: test-comp-iwsw-on-pull-request-cqm7h-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: test-comp-iwsw INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2026-04-19T13:56:49+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-comp-iwsw-on-pull-request-cqm7h-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: test-comp-iwsw-on-pull-request-cqm7h-sast-unicode-check-pod | init container: prepare 2026/04/19 13:54:54 Entrypoint initialization pod: test-comp-iwsw-on-pull-request-cqm7h-sast-unicode-check-pod | init container: place-scripts 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-0-vq4sx 2026/04/19 13:54:56 Decoded script /tekton/scripts/script-1-xv2c4 pod: test-comp-iwsw-on-pull-request-cqm7h-sast-unicode-check-pod | init container: working-dir-initializer pod: test-comp-iwsw-on-pull-request-cqm7h-sast-unicode-check-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=test-comp-iwsw + echo 'INFO: The PROJECT_NAME used is: test-comp-iwsw' INFO: The PROJECT_NAME used is: test-comp-iwsw + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust + SCAN_PROP=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + find_unicode_control.py -p bidi -v -d -t /workspace/workspace/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/workspace/workspace/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:56:50+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:56:50+00:00","note":"Task sast-unicode-check success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: test-comp-iwsw-on-pull-request-cqm7h-sast-unicode-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 1da9b99b8b41 sast_unicode_check_out.sarif Uploaded 1da9b99b8b41 sast_unicode_check_out.sarif Uploading 4457b9aab2bf application/vnd.oci.image.manifest.v1+json Uploaded 4457b9aab2bf application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-iwsw:on-pr-d2388fe1871d355bc27342e92fa9ff21797dba3e@sha256:adf29095c733ccbf19246873768b13ac251c03ff8802aa304c072f44803c27e6 Digest: sha256:4457b9aab2bf6a94883a8ad09f17c22b6c9895bb37658aec30e1484eeaa85025 No excluded-findings.json exists. Skipping upload. New PipelineRun test-comp-iwsw-on-pull-request-485fb found after retrigger for component build-e2e-kzwe/test-comp-iwsw PipelineRun test-comp-iwsw-on-pull-request-485fb found for Component build-e2e-kzwe/test-comp-iwsw PipelineRun test-comp-iwsw-on-pull-request-485fb reason: ResolvingTaskRef PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Running PipelineRun test-comp-iwsw-on-pull-request-485fb reason: Completed < Exit [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 14:04:55.659 (3m16.762s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:55.659 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:55.659 (0s) > Enter [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:04:55.66 < Exit [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:04:59.587 (3.927s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.587 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.587 (0s) > Enter [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:04:59.588 [SKIPPED] floating tag validation is not needed for: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:380 @ 04/19/26 14:04:59.588 < Exit [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:04:59.588 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.588 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.588 (0s) > Enter [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:04:59.588 < Exit [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:04:59.901 (313ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.902 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:04:59.902 (0s) > Enter [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:04:59.902 Source build is enabled: false [SKIPPED] Skipping source image check since it is not enabled in the pipeline In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:440 @ 04/19/26 14:05:00.246 < Exit [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:05:00.246 (344ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:00.246 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:00.247 (0s) > Enter [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:05:00.247 < Exit [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:05:00.406 (159ms) > Enter [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:05:00.406 records for PipelineRun test-comp-iwsw-on-pull-request-485fb: &{[{build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/8dce4a47-4170-4a1d-9738-96ee3fae1520 0e2b78e3-760b-4c32-ba70-62d5dddf4d53 0e2b78e3-760b-4c32-ba70-62d5dddf4d53} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/054bc9de-7e34-4c5f-8904-b6820a3e1bf7 2cc74de6-0ffc-46e3-ad47-52b591d5d0c5 2cc74de6-0ffc-46e3-ad47-52b591d5d0c5} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/b15dbfa4-1a51-45f0-8541-3771f525a99a 35537bd6-f2d6-47b6-bec5-da89560b6031 35537bd6-f2d6-47b6-bec5-da89560b6031} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/b8c07688-48f7-4e58-bc81-f594bc32c263 4364ef8d-17a5-4c31-bc58-a36cfb8d5857 4364ef8d-17a5-4c31-bc58-a36cfb8d5857} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/c243b07c-dd5f-46f5-b860-8d20b3dc1116 51f8d682-4769-4230-a051-4a1a288e6365 51f8d682-4769-4230-a051-4a1a288e6365} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/e5c0e930-faf9-4be2-b1ea-ff17eec43f8c 6fb61ab8-a5d0-48c2-95e3-db5fbe965cec 6fb61ab8-a5d0-48c2-95e3-db5fbe965cec} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/f47c0070-27be-4ae3-9cb2-2cf4a6497e57 90a717e8-037d-4d9f-9608-c86ffb4579d4 90a717e8-037d-4d9f-9608-c86ffb4579d4} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/d436aaba-94b6-4084-8d34-ddaec23243ee 96d3f5ac-90dc-41b6-bc18-968ed66458e7 96d3f5ac-90dc-41b6-bc18-968ed66458e7} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/3c957b6c-199d-4918-be18-c49d626ed166 a7bbbe4b-835d-433d-b635-1f03cb4777e7 a7bbbe4b-835d-433d-b635-1f03cb4777e7} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/58a3cd3f-ffc6-4e1e-bd0c-fbb03e2c24aa b656b85b-0c98-412e-acc0-780edc0acec4 b656b85b-0c98-412e-acc0-780edc0acec4} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/2812e0f6-4246-446d-b660-845396363fc5 bf9a93ff-d200-486f-9594-64d078df339b bf9a93ff-d200-486f-9594-64d078df339b} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/81e25bfe-f03d-45b7-88a0-4e7177dc7c23 cffccb41-7d75-482c-838f-7634466c4374 cffccb41-7d75-482c-838f-7634466c4374} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/327f68a3-924e-446b-af62-703f960fb81e d148e605-330b-4f3e-8782-de231f3b0e86 d148e605-330b-4f3e-8782-de231f3b0e86} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/a8ac28f4-5f0f-43a1-85cc-d7812e38f7af d30ce2a7-4ee7-433e-a98e-8d1e53734679 d30ce2a7-4ee7-433e-a98e-8d1e53734679} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/d0746ff9-8263-4d38-92e0-8ece26e82403 e37d6b3b-7453-45cd-874d-9be9e56a42bd e37d6b3b-7453-45cd-874d-9be9e56a42bd} {build-e2e-kzwe/results/f47c0070-27be-4ae3-9cb2-2cf4a6497e57/records/6c6158fd-c6c6-489e-a666-dee0cc15eb8a f7ac7f27-df0f-4a3f-aff7-3459d9353927 f7ac7f27-df0f-4a3f-aff7-3459d9353927}]} < Exit [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:05:00.696 (290ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:00.696 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:00.697 (0s) > Enter [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:05:00.697 < Exit [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:05:01.054 (356ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:01.054 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:01.054 (0s) > Enter [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:05:01.054 < Exit [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:05:01.11 (55ms) > Enter [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:05:01.11 [SKIPPED] Hermetic build is not enabled, skipping the test In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:663 @ 04/19/26 14:05:01.11 < Exit [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:05:01.11 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:01.11 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:05:01.11 (0s) > Enter [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 14:05:01.111 PipelineRun test-comp-yssu-on-pull-request-tfdwd found for Component build-e2e-kzwe/test-comp-yssu PipelineRun test-comp-yssu-on-pull-request-tfdwd reason: Failed attempt 1/3: PipelineRun "test-comp-yssu-on-pull-request-tfdwd" failed: pod: test-comp-yssu-on-pull-request-tfdwd-apply-tags-pod | init container: prepare 2026/04/19 13:55:00 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-apply-tags-pod | container step-apply-additional-tags: time="2026-04-19T13:55:02Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90" time="2026-04-19T13:55:02Z" level=info msg="[param] digest: sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37" time="2026-04-19T13:55:02Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-19T13:55:03Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | init container: prepare 2026/04/19 13:53:22 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | init container: place-scripts 2026/04/19 13:53:31 Decoded script /tekton/scripts/script-1-fg824 2026/04/19 13:53:31 Decoded script /tekton/scripts/script-2-v2jct 2026/04/19 13:53:31 Decoded script /tekton/scripts/script-3-r7pd5 2026/04/19 13:53:31 Decoded script /tekton/scripts/script-4-pgf4r 2026/04/19 13:53:31 Decoded script /tekton/scripts/script-5-xdbbc pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Executing: oras blob fetch --registry-config /tmp/use-oci.sh.l8YhZy/auth-MrPMxj.json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-build: [2026-04-19T13:53:35,738360883+00:00] Validate context path [2026-04-19T13:53:35,741991432+00:00] Update CA trust [2026-04-19T13:53:35,743112319+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:53:38,358620686+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-19T13:53:38,366495394+00:00] Prepare system (architecture: x86_64) [2026-04-19T13:53:38,422279099+00:00] Setup prefetched Trying to pull quay.io/devfile/python:slim... Getting image source signatures Copying blob sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61 Copying blob sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a Copying blob sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec Copying blob sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb Copying blob sha256:30fb943195a7f7cee90a9c67461c338d1d76a7004d2f94792b774ef71d875a02 Copying config sha256:04f51101c1b979fb8a45a5332bfa8ed2c60f613ea396c3edd40f3d91702b24ef Writing manifest to image destination [2026-04-19T13:53:58,024462695+00:00] Unsetting proxy { "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "d981b3febb34efc636b69c342ae5be53aa224b90", "org.opencontainers.image.revision": "d981b3febb34efc636b69c342ae5be53aa224b90", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/devfile-sample-python-basic", "quay.expires-after": "6h", "build-date": "2026-04-19T13:53:38Z", "org.opencontainers.image.created": "2026-04-19T13:53:38Z", "io.buildah.version": "1.42.2" } [2026-04-19T13:53:58,069518722+00:00] Register sub-man Adding the entitlement to the build [2026-04-19T13:53:58,072646650+00:00] Add secrets [2026-04-19T13:53:58,080044717+00:00] Run buildah build [2026-04-19T13:53:58,081123827+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=d981b3febb34efc636b69c342ae5be53aa224b90 --label org.opencontainers.image.revision=d981b3febb34efc636b69c342ae5be53aa224b90 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-python-basic --label quay.expires-after=6h --label build-date=2026-04-19T13:53:38Z --label org.opencontainers.image.created=2026-04-19T13:53:38Z --annotation org.opencontainers.image.revision=d981b3febb34efc636b69c342ae5be53aa224b90 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/devfile-sample-python-basic --annotation org.opencontainers.image.created=2026-04-19T13:53:38Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.UIYFVx -t quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 . STEP 1/11: FROM quay.io/devfile/python:slim STEP 2/11: EXPOSE 8081/tcp STEP 3/11: ENV FLASK_PORT=8081 STEP 4/11: WORKDIR /projects STEP 5/11: COPY requirements.txt . STEP 6/11: RUN pip install -r requirements.txt Collecting Flask==2.1.0 Downloading Flask-2.1.0-py3-none-any.whl (95 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 95.2/95.2 kB 20.7 MB/s eta 0:00:00 Collecting Werkzeug>=2.0 Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 226.5/226.5 kB 98.4 MB/s eta 0:00:00 Collecting Jinja2>=3.0 Downloading jinja2-3.1.6-py3-none-any.whl (134 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 134.9/134.9 kB 98.4 MB/s eta 0:00:00 Collecting itsdangerous>=2.0 Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB) Collecting click>=8.0 Downloading click-8.3.2-py3-none-any.whl (108 kB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 108.4/108.4 kB 103.8 MB/s eta 0:00:00 Collecting MarkupSafe>=2.0 Downloading markupsafe-3.0.3-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB) Installing collected packages: MarkupSafe, itsdangerous, click, Werkzeug, Jinja2, Flask Successfully installed Flask-2.1.0 Jinja2-3.1.6 MarkupSafe-3.0.3 Werkzeug-3.1.8 click-8.3.2 itsdangerous-2.2.0 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv [notice] A new release of pip available: 22.3.1 -> 26.0.1 [notice] To update, run: pip install --upgrade pip STEP 7/11: COPY . . STEP 8/11: CMD [ "python", "./app.py" ] STEP 9/11: COPY labels.json /usr/share/buildinfo/labels.json STEP 10/11: COPY labels.json /root/buildinfo/labels.json STEP 11/11: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="d981b3febb34efc636b69c342ae5be53aa224b90" "org.opencontainers.image.revision"="d981b3febb34efc636b69c342ae5be53aa224b90" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/devfile-sample-python-basic" "quay.expires-after"="6h" "build-date"="2026-04-19T13:53:38Z" "org.opencontainers.image.created"="2026-04-19T13:53:38Z" COMMIT quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 --> de628cc63a6d Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 de628cc63a6da9621c04175d522ccbb0d1cccefe2164aa349706ea5ceb7517be [2026-04-19T13:54:06,221453276+00:00] Unsetting proxy [2026-04-19T13:54:06,222868612+00:00] Add metadata Recording base image digests used quay.io/devfile/python:slim quay.io/devfile/python:slim@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c Getting image source signatures Copying blob sha256:cac3a446bb1e2efd42dc84569853dd5b3bc43946f9cc2fe148ace90cb2b0d446 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying config sha256:de628cc63a6da9621c04175d522ccbb0d1cccefe2164aa349706ea5ceb7517be Writing manifest to image destination [2026-04-19T13:54:10,503236715+00:00] End build pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-push: [2026-04-19T13:54:10,943362386+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:54:13,044981767+00:00] Convert image [2026-04-19T13:54:13,046236093+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:test-comp-yssu-on-pull-request-tfdwd-build-container [retry] executing: buildah push --format=oci --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:test-comp-yssu-on-pull-request-tfdwd-build-container Getting image source signatures Copying blob sha256:cac3a446bb1e2efd42dc84569853dd5b3bc43946f9cc2fe148ace90cb2b0d446 Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying config sha256:de628cc63a6da9621c04175d522ccbb0d1cccefe2164aa349706ea5ceb7517be Writing manifest to image destination [2026-04-19T13:54:15,922534985+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 [retry] executing: buildah push --format=oci --retry 3 --tls-verify=true --digestfile /var/workdir/image-digest quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Getting image source signatures Copying blob sha256:cac3a446bb1e2efd42dc84569853dd5b3bc43946f9cc2fe148ace90cb2b0d446 Copying blob sha256:0a7eaca7a2e7e116a5658c409ea2ceb98226b7481a3b0f90c8d94d9f230fe238 Copying blob sha256:b5ebffba54d3e3f7fd80435fcdc34c4a96fdb2ecab0f0a298fe08f74c2f69d29 Copying blob sha256:d326469892d974408d96f1e02d64dce10d20f88613688af11e99e3e22523beeb Copying blob sha256:609bcd29c7943a6667e3204bfa5b86a07d255f78ebc26d4c4e8981b335ac3b9a Copying blob sha256:d9892173749de078dfb702835e9e3858aff86e7447fb11c5a2f2c6bb10f882f6 Copying config sha256:de628cc63a6da9621c04175d522ccbb0d1cccefe2164aa349706ea5ceb7517be Writing manifest to image destination sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-19T13:54:16,879572701+00:00] End push pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-sbom-syft-generate: [2026-04-19T13:54:17,040541746+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-19T13:54:26,002706967+00:00] End sbom-syft-generate pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-prepare-sboms: [2026-04-19T13:54:26,154821125+00:00] Prepare SBOM [2026-04-19T13:54:26,158906313+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-19 13:54:27,250 [INFO] mobster.log: Logging level set to 20 2026-04-19 13:54:27,329 [INFO] mobster.oci: Fetching manifest for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c 2026-04-19 13:54:27,839 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:28,013 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:28,403 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:28,602 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:29,010 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:29,198 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:29,630 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:29,814 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for quay.io/devfile/python@sha256:54924a2ee4a2ef17028ae076ce38e59b3f4054353a5c9f9318dfaee60377532c with output b'Error: found no attestations\nerror during command execution: found no attestations\n' 2026-04-19 13:54:29,814 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-19 13:54:29,814 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-19 13:54:29,815 [INFO] mobster.log: Contextual workflow completed in 2.50s 2026-04-19 13:54:29,837 [INFO] mobster.main: Exiting with code 0. [2026-04-19T13:54:29,902529524+00:00] End prepare-sboms pod: test-comp-yssu-on-pull-request-tfdwd-build-container-pod | container step-upload-sbom: [2026-04-19T13:54:30,240562731+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key <key path>'. Uploading SBOM file for [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37] to [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:sha256-707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:9916ea163f9be66d4611d013e74845f5a579ab2148a1771cb1106f23293542bb [2026-04-19T13:54:33,393002128+00:00] End upload-sbom pod: test-comp-yssu-on-pull-request-tfdwd-build-image-index-pod | init container: prepare 2026/04/19 13:54:45 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-build-image-index-pod | init container: place-scripts 2026/04/19 13:54:46 Decoded script /tekton/scripts/script-0-vz92m 2026/04/19 13:54:46 Decoded script /tekton/scripts/script-1-7rs7m 2026/04/19 13:54:46 Decoded script /tekton/scripts/script-2-9h69p pod: test-comp-yssu-on-pull-request-tfdwd-build-image-index-pod | container step-build: [2026-04-19T13:54:50,014509749+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-19T13:54:52Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90" time="2026-04-19T13:54:52Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37]" time="2026-04-19T13:54:52Z" level=info msg="[param] buildah-format: oci" time="2026-04-19T13:54:52Z" level=info msg="[param] always-build-index: false" time="2026-04-19T13:54:52Z" level=info msg="[param] additional-tags: [test-comp-yssu-on-pull-request-tfdwd-build-image-index]" time="2026-04-19T13:54:52Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-19T13:54:52Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-19T13:54:52Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-19T13:54:52Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:54:52Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-19T13:54:52Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90" time="2026-04-19T13:54:52Z" level=info msg="buildah [stdout] 64247682b04d2ae252de3dbb0f0feb1ac278480789d23a8575ebe9a76424db59" logger=CliExecutor time="2026-04-19T13:54:52Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37","image_url":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90","image_ref":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37","images":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37"} pod: test-comp-yssu-on-pull-request-tfdwd-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: test-comp-yssu-on-pull-request-tfdwd-build-image-index-pod | container step-upload-sbom: [2026-04-19T13:54:53,140711419+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | init container: prepare 2026/04/19 13:56:59 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | init container: place-scripts 2026/04/19 13:57:00 Decoded script /tekton/scripts/script-0-sfmps 2026/04/19 13:57:00 Decoded script /tekton/scripts/script-1-dpss8 2026/04/19 13:57:00 Decoded script /tekton/scripts/script-2-j2nqr 2026/04/19 13:57:00 Decoded script /tekton/scripts/script-3-7xrm4 pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37. pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... �[90m2026-04-19T13:59:53Z�[0m �[32mINF�[0m �[1mmatchers created�[0m �[36mcomponent=�[0mlibvuln/New �[36mmatchers=�[0m[{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"}] �[90m2026-04-19T13:59:53Z�[0m �[32mINF�[0m �[1mlibvuln initialized�[0m �[36mcomponent=�[0mlibvuln/New �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mregistered configured scanners�[0m �[36mcomponent=�[0mlibindex/New �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mNewLayerScanner: constructing a new layer-scanner�[0m �[36mcomponent=�[0mindexer.NewLayerScanner �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mindex request start�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mstarting scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mmanifest to be scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mCheckManifest �[90m2026-04-19T13:59:54Z�[0m �[32mINF�[0m �[1mlayers fetch start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mlayers fetch success�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mlayers fetch done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mFetchLayers �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mlayers scan start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mScanLayers �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mlayers scan done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mScanLayers �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mstarting index manifest�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mIndexManifest �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mfinishing scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mmanifest successfully scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 �[36mstate=�[0mIndexFinished �[90m2026-04-19T13:59:55Z�[0m �[32mINF�[0m �[1mindex request done�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 { "manifest_hash": "sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37", "packages": { "+GDQTbek1zYvATiVR/wBCA==": { "id": "+GDQTbek1zYvATiVR/wBCA==", "name": "gzip", "version": "1.10-4+deb11u1", "kind": "binary", "source": { "id": "", "name": "gzip", "version": "1.10-4+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "+aaqENN9U+Kuxcb1tQ8Utg==": { "id": "+aaqENN9U+Kuxcb1tQ8Utg==", "name": "netbase", "version": "6.3", "kind": "binary", "source": { "id": "", "name": "netbase", "version": "6.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "+ol9cHiNc+RWiD7Kw3TLCg==": { "id": "+ol9cHiNc+RWiD7Kw3TLCg==", "name": "libcom-err2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "05vApGRmP6ko1S0ji87IIQ==": { "id": "05vApGRmP6ko1S0ji87IIQ==", "name": "libunistring2", "version": "0.9.10-4", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.10-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "0jMyX7UCIuSpntMN1r7Ofg==": { "id": "0jMyX7UCIuSpntMN1r7Ofg==", "name": "libzstd1", "version": "1.4.8+dfsg-2.1", "kind": "binary", "source": { "id": "", "name": "libzstd", "version": "1.4.8+dfsg-2.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "1jyJPCL93kiEbfmNKeyz3g==": { "id": "1jyJPCL93kiEbfmNKeyz3g==", "name": "jinja2", "version": "3.1.6", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.6.0.0.0.0.0.0", "cpe": "" }, "2MObxiEVNllmUEzdVZM5qw==": { "id": "2MObxiEVNllmUEzdVZM5qw==", "name": "apt", "version": "2.2.4", "kind": "binary", "source": { "id": "", "name": "apt", "version": "2.2.4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "3f992oeEQfSQxRA0nlq8Wg==": { "id": "3f992oeEQfSQxRA0nlq8Wg==", "name": "libgcrypt20", "version": "1.8.7-6", "kind": "binary", "source": { "id": "", "name": "libgcrypt20", "version": "1.8.7-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "4672uZtn8TnHDEzWVyhfjw==": { "id": "4672uZtn8TnHDEzWVyhfjw==", "name": "base-files", "version": "11.1+deb11u5", "kind": "binary", "source": { "id": "", "name": "base-files", "version": "11.1+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "4jCPzhS6OWt4agz9d/cfTw==": { "id": "4jCPzhS6OWt4agz9d/cfTw==", "name": "ncurses-base", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "5zxxTA220k9gPCegfDHkag==": { "id": "5zxxTA220k9gPCegfDHkag==", "name": "libgmp10", "version": "2:6.2.1+dfsg-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "2:6.2.1+dfsg-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "7a3yla6TRFZrhmAreU7f8Q==": { "id": "7a3yla6TRFZrhmAreU7f8Q==", "name": "libexpat1", "version": "2.2.10-2+deb11u5", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.2.10-2+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "8alfBYUr5uWbAyB5PrY8Hg==": { "id": "8alfBYUr5uWbAyB5PrY8Hg==", "name": "libudev1", "version": "247.3-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "247.3-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "9snKXrH4dQy2IXHQ01Lg0A==": { "id": "9snKXrH4dQy2IXHQ01Lg0A==", "name": "libaudit1", "version": "1:3.0-2", "kind": "binary", "source": { "id": "", "name": "audit", "version": "1:3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "Akbft1KN+9FKNhh1tM25eA==": { "id": "Akbft1KN+9FKNhh1tM25eA==", "name": "mount", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "BJL42acLPAR8bEnmM1Z3mg==": { "id": "BJL42acLPAR8bEnmM1Z3mg==", "name": "libblkid1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "CBzoMmlXBcyP54HOnauO0g==": { "id": "CBzoMmlXBcyP54HOnauO0g==", "name": "libpam-runtime", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "CpILSbg3p6D7Gsp8sCW1Rg==": { "id": "CpILSbg3p6D7Gsp8sCW1Rg==", "name": "libsemanage1", "version": "3.1-1+b2", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "D0G6c/ML9XX4eoGHgx1jeQ==": { "id": "D0G6c/ML9XX4eoGHgx1jeQ==", "name": "libc6", "version": "2.31-13+deb11u5", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.31-13+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "DY5Co0gkGtbgwDlkjfJLWA==": { "id": "DY5Co0gkGtbgwDlkjfJLWA==", "name": "markupsafe", "version": "3.0.3", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.0.3.0.0.0.0.0.0", "cpe": "" }, "DtMxcnDA8Je9vAHjmzagaA==": { "id": "DtMxcnDA8Je9vAHjmzagaA==", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "EVGnnBfWyiVHhoIR4vEpgg==": { "id": "EVGnnBfWyiVHhoIR4vEpgg==", "name": "libbz2-1.0", "version": "1.0.8-4", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.8-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "ExYxXcgoIRjAjUObwDE4jA==": { "id": "ExYxXcgoIRjAjUObwDE4jA==", "name": "libk5crypto3", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FJIijlwFNqvdoVBcfTF/pg==": { "id": "FJIijlwFNqvdoVBcfTF/pg==", "name": "login", "version": "1:4.8.1-1", "kind": "binary", "source": { "id": "", "name": "shadow", "version": "1:4.8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FOAAB3KiNsLyi03hQsjRTA==": { "id": "FOAAB3KiNsLyi03hQsjRTA==", "name": "libcrypt1", "version": "1:4.4.18-4", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "1:4.4.18-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "FrUy4mOCaHm5aGT53as3JQ==": { "id": "FrUy4mOCaHm5aGT53as3JQ==", "name": "diffutils", "version": "1:3.7-5", "kind": "binary", "source": { "id": "", "name": "diffutils", "version": "1:3.7-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "G/7q+D+DsqYAVnohcyuzgQ==": { "id": "G/7q+D+DsqYAVnohcyuzgQ==", "name": "libssl1.1", "version": "1.1.1n-0+deb11u3", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "GGaavnLgXX31qx9chfhdOQ==": { "id": "GGaavnLgXX31qx9chfhdOQ==", "name": "libaudit-common", "version": "1:3.0-2", "kind": "binary", "source": { "id": "", "name": "audit", "version": "1:3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "Gm6VA87iOnaQ0rWR6oO9eA==": { "id": "Gm6VA87iOnaQ0rWR6oO9eA==", "name": "libpcre2-8-0", "version": "10.36-2+deb11u1", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.36-2+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "HFwGHerHwgvY8vkjr3x1Pg==": { "id": "HFwGHerHwgvY8vkjr3x1Pg==", "name": "itsdangerous", "version": "2.2.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.2.0.0.0.0.0.0.0", "cpe": "" }, "IQfQp74RcAWE7jHtQsMLHg==": { "id": "IQfQp74RcAWE7jHtQsMLHg==", "name": "bsdutils", "version": "1:2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "IiJKm8T4olfm6rhuKayFOw==": { "id": "IiJKm8T4olfm6rhuKayFOw==", "name": "lsb-base", "version": "11.1.0", "kind": "binary", "source": { "id": "", "name": "lsb", "version": "11.1.0", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "Jg2vDvx1JxyPDIrUzzR9NQ==": { "id": "Jg2vDvx1JxyPDIrUzzR9NQ==", "name": "grep", "version": "3.6-1", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.6-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "LOfpAnA/2f7zE4SFJCrxVg==": { "id": "LOfpAnA/2f7zE4SFJCrxVg==", "name": "zlib1g", "version": "1:1.2.11.dfsg-2+deb11u2", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1:1.2.11.dfsg-2+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "LVHVhWoZgWwWvOspyUwb1w==": { "id": "LVHVhWoZgWwWvOspyUwb1w==", "name": "libreadline8", "version": "8.1-1", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "MvKvHHnD0jaLaWpyHvkhgQ==": { "id": "MvKvHHnD0jaLaWpyHvkhgQ==", "name": "passwd", "version": "1:4.8.1-1", "kind": "binary", "source": { "id": "", "name": "shadow", "version": "1:4.8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "NA4G2YrIZ73fsX7d5r5rGw==": { "id": "NA4G2YrIZ73fsX7d5r5rGw==", "name": "debconf", "version": "1.5.77", "kind": "binary", "source": { "id": "", "name": "debconf", "version": "1.5.77", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "NzkVb7F31E+Vxxz3PCS6tg==": { "id": "NzkVb7F31E+Vxxz3PCS6tg==", "name": "libkrb5support0", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "OgJFdUXRfF1Ls8u1+eOivw==": { "id": "OgJFdUXRfF1Ls8u1+eOivw==", "name": "libgpg-error0", "version": "1.38-2", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.38-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "PaaRbD/FkW3JARtSKQgRcQ==": { "id": "PaaRbD/FkW3JARtSKQgRcQ==", "name": "libattr1", "version": "1:2.4.48-6", "kind": "binary", "source": { "id": "", "name": "attr", "version": "1:2.4.48-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "PgPY5hWnihXRN45byvzY0g==": { "id": "PgPY5hWnihXRN45byvzY0g==", "name": "libncursesw6", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "R1TkRM71ql+JWgz0VF5ESQ==": { "id": "R1TkRM71ql+JWgz0VF5ESQ==", "name": "libsepol1", "version": "3.1-1", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "RAMuXEdVU4AJ/z4aiK/NNg==": { "id": "RAMuXEdVU4AJ/z4aiK/NNg==", "name": "setuptools", "version": "65.5.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.65.5.0.0.0.0.0.0.0", "cpe": "" }, "RYsqO4ROpGMzzCO5WaTrlw==": { "id": "RYsqO4ROpGMzzCO5WaTrlw==", "name": "dpkg", "version": "1.20.12", "kind": "binary", "source": { "id": "", "name": "dpkg", "version": "1.20.12", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "RgdwX+VC70nXZ2E527PXaA==": { "id": "RgdwX+VC70nXZ2E527PXaA==", "name": "logsave", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "SWnjL4fWu+WMpxhSCWLhZQ==": { "id": "SWnjL4fWu+WMpxhSCWLhZQ==", "name": "base-passwd", "version": "3.5.51", "kind": "binary", "source": { "id": "", "name": "base-passwd", "version": "3.5.51", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "T5NuX1yinNyGoZNN2r9u4Q==": { "id": "T5NuX1yinNyGoZNN2r9u4Q==", "name": "ca-certificates", "version": "20210119", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "20210119", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "VVXsYlCxogg17Ti1iR03Mw==": { "id": "VVXsYlCxogg17Ti1iR03Mw==", "name": "libseccomp2", "version": "2.5.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libseccomp", "version": "2.5.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "VbNyM3GfR5vEmJdFAiKqrA==": { "id": "VbNyM3GfR5vEmJdFAiKqrA==", "name": "gcc-9-base", "version": "9.3.0-22", "kind": "binary", "source": { "id": "", "name": "gcc-9", "version": "9.3.0-22", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "Wi4oa03apqVdR6okNeZiNA==": { "id": "Wi4oa03apqVdR6okNeZiNA==", "name": "libgnutls30", "version": "3.7.1-5+deb11u2", "kind": "binary", "source": { "id": "", "name": "gnutls28", "version": "3.7.1-5+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "ZPlAztePXX+uFLVDX2lgNQ==": { "id": "ZPlAztePXX+uFLVDX2lgNQ==", "name": "libsemanage-common", "version": "3.1-1", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "3.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ZWeYh81MRCu1nh3mOyptIA==": { "id": "ZWeYh81MRCu1nh3mOyptIA==", "name": "libmount1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bGWj1aSf0wvrecU/pdTv5A==": { "id": "bGWj1aSf0wvrecU/pdTv5A==", "name": "gcc-10-base", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bHkSxcl6e1quNxLGb6uX8A==": { "id": "bHkSxcl6e1quNxLGb6uX8A==", "name": "coreutils", "version": "8.32-4+b1", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.32-4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "bTSLWiizipO2axtmvXFuVg==": { "id": "bTSLWiizipO2axtmvXFuVg==", "name": "libtasn1-6", "version": "4.16.0-2", "kind": "binary", "source": { "id": "", "name": "libtasn1-6", "version": "4.16.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "be3s5y0dx4bgsQboIoDduw==": { "id": "be3s5y0dx4bgsQboIoDduw==", "name": "libp11-kit0", "version": "0.23.22-1", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "brvvAQ6V7yp7QbUuk+W5Hg==": { "id": "brvvAQ6V7yp7QbUuk+W5Hg==", "name": "libext2fs2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "d4b/e0nx+/vPWuPB7oDzPw==": { "id": "d4b/e0nx+/vPWuPB7oDzPw==", "name": "libc-bin", "version": "2.31-13+deb11u5", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.31-13+deb11u5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dRfu6Up2F2Ze+gJ21oSeug==": { "id": "dRfu6Up2F2Ze+gJ21oSeug==", "name": "libgdbm6", "version": "1.19-2", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.19-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dUT53gagQO5Ac9Bdlu5dAw==": { "id": "dUT53gagQO5Ac9Bdlu5dAw==", "name": "sysvinit-utils", "version": "2.96-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "sysvinit", "version": "2.96-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dXglURzzdbLnOf14mab1Hg==": { "id": "dXglURzzdbLnOf14mab1Hg==", "name": "tar", "version": "1.34+dfsg-1", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.34+dfsg-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dobmrwm7aq9puvFHwNgXxw==": { "id": "dobmrwm7aq9puvFHwNgXxw==", "name": "libstdc++6", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "dv3AlW8tBL4D0mEPW7/Z2Q==": { "id": "dv3AlW8tBL4D0mEPW7/Z2Q==", "name": "libpam-modules-bin", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "eF2QIdrTmJlWmjQTkhntow==": { "id": "eF2QIdrTmJlWmjQTkhntow==", "name": "wheel", "version": "0.38.4", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.0.38.4.0.0.0.0.0.0", "cpe": "" }, "elSR7m8uLWd/kMl2jxTm/A==": { "id": "elSR7m8uLWd/kMl2jxTm/A==", "name": "libpam-modules", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "evNF5YpSAxyFV7iWv3lSVw==": { "id": "evNF5YpSAxyFV7iWv3lSVw==", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1n-0+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fCmdLCR2Ix0ldnZL1Fa52A==": { "id": "fCmdLCR2Ix0ldnZL1Fa52A==", "name": "bash", "version": "5.1-2+deb11u1", "kind": "binary", "source": { "id": "", "name": "bash", "version": "5.1-2+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fqwKjkzVNvsxh6040zt05g==": { "id": "fqwKjkzVNvsxh6040zt05g==", "name": "hostname", "version": "3.23", "kind": "binary", "source": { "id": "", "name": "hostname", "version": "3.23", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "fyM9Y65kt8cTfJv4LKF7bg==": { "id": "fyM9Y65kt8cTfJv4LKF7bg==", "name": "libcap-ng0", "version": "0.7.9-2.2+b1", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.9-2.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "gP9HgvZWct50Kw/hM7BCKg==": { "id": "gP9HgvZWct50Kw/hM7BCKg==", "name": "libtirpc-common", "version": "1.3.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.3.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "gv6x84VyNacZgvJrC59jbQ==": { "id": "gv6x84VyNacZgvJrC59jbQ==", "name": "libffi7", "version": "3.3-6", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.3-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "hdNUjYIlrdEAtBWAggakAw==": { "id": "hdNUjYIlrdEAtBWAggakAw==", "name": "perl-base", "version": "5.32.1-4+deb11u2", "kind": "binary", "source": { "id": "", "name": "perl", "version": "5.32.1-4+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "i4JkQ9JgSpZVyPFWOY5Bxw==": { "id": "i4JkQ9JgSpZVyPFWOY5Bxw==", "name": "liblz4-1", "version": "1.9.3-2", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.9.3-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "iWqdRZmp08/Tx22qEtmjJg==": { "id": "iWqdRZmp08/Tx22qEtmjJg==", "name": "libpcre3", "version": "2:8.39-13", "kind": "binary", "source": { "id": "", "name": "pcre3", "version": "2:8.39-13", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "jErhz6PtXvAy/EPWJ425rA==": { "id": "jErhz6PtXvAy/EPWJ425rA==", "name": "libuuid1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "jKa8Us2cqGejhOc2/n5DDA==": { "id": "jKa8Us2cqGejhOc2/n5DDA==", "name": "libsmartcols1", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "kq4lGEwi4agkgAJAkDs9Ng==": { "id": "kq4lGEwi4agkgAJAkDs9Ng==", "name": "flask", "version": "2.1.0", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.2.1.0.0.0.0.0.0.0", "cpe": "" }, "krch6TQqNWzRi5F/dDkF+Q==": { "id": "krch6TQqNWzRi5F/dDkF+Q==", "name": "ncurses-bin", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "l5lCPjtOmPM8/LLh9+NjeQ==": { "id": "l5lCPjtOmPM8/LLh9+NjeQ==", "name": "gpgv", "version": "2.2.27-2+deb11u2", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.27-2+deb11u2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "l89yAZ/vyULk4EoaRdbg9w==": { "id": "l89yAZ/vyULk4EoaRdbg9w==", "name": "click", "version": "8.3.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.8.3.2.0.0.0.0.0.0", "cpe": "" }, "lCjIskl1HulEHShaXtgmwQ==": { "id": "lCjIskl1HulEHShaXtgmwQ==", "name": "libtinfo6", "version": "6.2+20201114-2", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.2+20201114-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "lvz5sq0NbU6sy/F1tg9uiQ==": { "id": "lvz5sq0NbU6sy/F1tg9uiQ==", "name": "libkeyutils1", "version": "1.6.1-2", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.6.1-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "mlFDx1iAC2OWpmYHut2JHw==": { "id": "mlFDx1iAC2OWpmYHut2JHw==", "name": "libnettle8", "version": "3.7.3-1", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.7.3-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nV87o429QBKIpM8DyOv4wg==": { "id": "nV87o429QBKIpM8DyOv4wg==", "name": "debian-archive-keyring", "version": "2021.1.1", "kind": "binary", "source": { "id": "", "name": "debian-archive-keyring", "version": "2021.1.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ngOu/a+sfrdDkZtETF1mgg==": { "id": "ngOu/a+sfrdDkZtETF1mgg==", "name": "libselinux1", "version": "3.1-3", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "3.1-3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nmd/xrCD27AKRWAzA5JZCA==": { "id": "nmd/xrCD27AKRWAzA5JZCA==", "name": "mawk", "version": "1.3.4.20200120-2", "kind": "binary", "source": { "id": "", "name": "mawk", "version": "1.3.4.20200120-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "npX4tBmidkxp2QJN/c3Ktw==": { "id": "npX4tBmidkxp2QJN/c3Ktw==", "name": "libdebconfclient0", "version": "0.260", "kind": "binary", "source": { "id": "", "name": "cdebconf", "version": "0.260", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "nwapLKtbHTjy1u8+aA0X+Q==": { "id": "nwapLKtbHTjy1u8+aA0X+Q==", "name": "pip", "version": "22.3.1", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.22.3.1.0.0.0.0.0.0", "cpe": "" }, "oH9T0w9ZyXDCGJ6Np6n1Iw==": { "id": "oH9T0w9ZyXDCGJ6Np6n1Iw==", "name": "init-system-helpers", "version": "1.60", "kind": "binary", "source": { "id": "", "name": "init-system-helpers", "version": "1.60", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "ozJ983JkaV259+RUbqutzw==": { "id": "ozJ983JkaV259+RUbqutzw==", "name": "dash", "version": "0.5.11+git20200708+dd9ef66-5", "kind": "binary", "source": { "id": "", "name": "dash", "version": "0.5.11+git20200708+dd9ef66-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "p+J9YgA22NC8PDODpTSxgw==": { "id": "p+J9YgA22NC8PDODpTSxgw==", "name": "libidn2-0", "version": "2.3.0-5", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.3.0-5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "pHAWej2qVWZtoCQ5DGoRcQ==": { "id": "pHAWej2qVWZtoCQ5DGoRcQ==", "name": "tzdata", "version": "2021a-1+deb11u8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2021a-1+deb11u8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "pZoLgWqHDgjhYQPevrtwdg==": { "id": "pZoLgWqHDgjhYQPevrtwdg==", "name": "libss2", "version": "1.46.2-2", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.46.2-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "q78XIEiJs5tQHLZtjoU3Fg==": { "id": "q78XIEiJs5tQHLZtjoU3Fg==", "name": "adduser", "version": "3.118", "kind": "binary", "source": { "id": "", "name": "adduser", "version": "3.118", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "qN2BSWBeEFRJnExMNJ1S0A==": { "id": "qN2BSWBeEFRJnExMNJ1S0A==", "name": "libsqlite3-0", "version": "3.34.1-3", "kind": "binary", "source": { "id": "", "name": "sqlite3", "version": "3.34.1-3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "qrPZzwjmppjOiQbrGk5IQA==": { "id": "qrPZzwjmppjOiQbrGk5IQA==", "name": "libgssapi-krb5-2", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "rJ4UB7yOdBPwgrk5WLwIQw==": { "id": "rJ4UB7yOdBPwgrk5WLwIQw==", "name": "libhogweed6", "version": "3.7.3-1", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.7.3-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "rUyBCRoo9C2erJrGUkvuDQ==": { "id": "rUyBCRoo9C2erJrGUkvuDQ==", "name": "libtirpc3", "version": "1.3.1-1+deb11u1", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.3.1-1+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "s66OGd0F2Pbemhmyrg2R9w==": { "id": "s66OGd0F2Pbemhmyrg2R9w==", "name": "libsystemd0", "version": "247.3-7+deb11u1", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "247.3-7+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "sU05gaIadSYQd4+DxTnInw==": { "id": "sU05gaIadSYQd4+DxTnInw==", "name": "libacl1", "version": "2.2.53-10", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "sXwy5mmgqLM9WC30BdKwTA==": { "id": "sXwy5mmgqLM9WC30BdKwTA==", "name": "readline-common", "version": "8.1-1", "kind": "binary", "source": { "id": "", "name": "readline", "version": "8.1-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "all", "cpe": "" }, "tNSJ6slY9zv+TZ6de2MVDQ==": { "id": "tNSJ6slY9zv+TZ6de2MVDQ==", "name": "liblzma5", "version": "5.2.5-2.1~deb11u1", "kind": "binary", "source": { "id": "", "name": "xz-utils", "version": "5.2.5-2.1~deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "tYADP/V07/lE8Qno1R/hhg==": { "id": "tYADP/V07/lE8Qno1R/hhg==", "name": "libgcc-s1", "version": "10.2.1-6", "kind": "binary", "source": { "id": "", "name": "gcc-10", "version": "10.2.1-6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "uRB+svwXXxpR9DkvUVmAUQ==": { "id": "uRB+svwXXxpR9DkvUVmAUQ==", "name": "werkzeug", "version": "3.1.8", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "pep440:0.3.1.8.0.0.0.0.0.0", "cpe": "" }, "uXsuLx/plg6mDddGlE/9EA==": { "id": "uXsuLx/plg6mDddGlE/9EA==", "name": "libxxhash0", "version": "0.8.0-2", "kind": "binary", "source": { "id": "", "name": "xxhash", "version": "0.8.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "vqKK+x/7cGHNjLr4L7x4uQ==": { "id": "vqKK+x/7cGHNjLr4L7x4uQ==", "name": "libdb5.3", "version": "5.3.28+dfsg1-0.8", "kind": "binary", "source": { "id": "", "name": "db5.3", "version": "5.3.28+dfsg1-0.8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "wkuBBC4B84P3b4K0fGF0OQ==": { "id": "wkuBBC4B84P3b4K0fGF0OQ==", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.36.1-8+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "xaMEpa2lawXi7R9jqzX8hA==": { "id": "xaMEpa2lawXi7R9jqzX8hA==", "name": "findutils", "version": "4.8.0-1", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.8.0-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "yYcMjCGhY/mc+KraTEHSJg==": { "id": "yYcMjCGhY/mc+KraTEHSJg==", "name": "libkrb5-3", "version": "1.18.3-6+deb11u3", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.3-6+deb11u3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zL6jHnohFUDkhEaUeTlPOQ==": { "id": "zL6jHnohFUDkhEaUeTlPOQ==", "name": "sed", "version": "4.7-1", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.7-1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zQ8wKwnOqSw7e/gsx76vLQ==": { "id": "zQ8wKwnOqSw7e/gsx76vLQ==", "name": "debianutils", "version": "4.11.2", "kind": "binary", "source": { "id": "", "name": "debianutils", "version": "4.11.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zRv/Q67g6qJWTz0qqj4+BA==": { "id": "zRv/Q67g6qJWTz0qqj4+BA==", "name": "libnsl2", "version": "1.3.0-2", "kind": "binary", "source": { "id": "", "name": "libnsl", "version": "1.3.0-2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zV4ikAKeqBYFSvXnkFMYgg==": { "id": "zV4ikAKeqBYFSvXnkFMYgg==", "name": "libpam0g", "version": "1.4.0-9+deb11u1", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.4.0-9+deb11u1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" }, "zw9OGAXs3mWkBkmfKzbfqg==": { "id": "zw9OGAXs3mWkBkmfKzbfqg==", "name": "libapt-pkg6.0", "version": "2.2.4", "kind": "binary", "source": { "id": "", "name": "apt", "version": "2.2.4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "amd64", "cpe": "" } }, "distributions": { "5ad61b23-0caf-4921-8049-6ab39bd3cb7a": { "id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" } }, "repository": { "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e": { "id": "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e", "name": "pypi", "uri": "https://pypi.org/simple", "cpe": "" } }, "environments": { "+GDQTbek1zYvATiVR/wBCA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "+aaqENN9U+Kuxcb1tQ8Utg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "+ol9cHiNc+RWiD7Kw3TLCg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "05vApGRmP6ko1S0ji87IIQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "0jMyX7UCIuSpntMN1r7Ofg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "1jyJPCL93kiEbfmNKeyz3g==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "2MObxiEVNllmUEzdVZM5qw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "3f992oeEQfSQxRA0nlq8Wg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "4672uZtn8TnHDEzWVyhfjw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "4jCPzhS6OWt4agz9d/cfTw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "5zxxTA220k9gPCegfDHkag==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "7a3yla6TRFZrhmAreU7f8Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "8alfBYUr5uWbAyB5PrY8Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "9snKXrH4dQy2IXHQ01Lg0A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "Akbft1KN+9FKNhh1tM25eA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "BJL42acLPAR8bEnmM1Z3mg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "CBzoMmlXBcyP54HOnauO0g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "CpILSbg3p6D7Gsp8sCW1Rg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "D0G6c/ML9XX4eoGHgx1jeQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "DY5Co0gkGtbgwDlkjfJLWA==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "DtMxcnDA8Je9vAHjmzagaA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "EVGnnBfWyiVHhoIR4vEpgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "ExYxXcgoIRjAjUObwDE4jA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "FJIijlwFNqvdoVBcfTF/pg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "FOAAB3KiNsLyi03hQsjRTA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "FrUy4mOCaHm5aGT53as3JQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "G/7q+D+DsqYAVnohcyuzgQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "GGaavnLgXX31qx9chfhdOQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "Gm6VA87iOnaQ0rWR6oO9eA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "HFwGHerHwgvY8vkjr3x1Pg==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "IQfQp74RcAWE7jHtQsMLHg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "IiJKm8T4olfm6rhuKayFOw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "Jg2vDvx1JxyPDIrUzzR9NQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "LOfpAnA/2f7zE4SFJCrxVg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "LVHVhWoZgWwWvOspyUwb1w==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "MvKvHHnD0jaLaWpyHvkhgQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "NA4G2YrIZ73fsX7d5r5rGw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "NzkVb7F31E+Vxxz3PCS6tg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "OgJFdUXRfF1Ls8u1+eOivw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "PaaRbD/FkW3JARtSKQgRcQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "PgPY5hWnihXRN45byvzY0g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "R1TkRM71ql+JWgz0VF5ESQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "RAMuXEdVU4AJ/z4aiK/NNg==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "RYsqO4ROpGMzzCO5WaTrlw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "RgdwX+VC70nXZ2E527PXaA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "SWnjL4fWu+WMpxhSCWLhZQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "T5NuX1yinNyGoZNN2r9u4Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "VVXsYlCxogg17Ti1iR03Mw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "VbNyM3GfR5vEmJdFAiKqrA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "Wi4oa03apqVdR6okNeZiNA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "ZPlAztePXX+uFLVDX2lgNQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "ZWeYh81MRCu1nh3mOyptIA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "bGWj1aSf0wvrecU/pdTv5A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "bHkSxcl6e1quNxLGb6uX8A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "bTSLWiizipO2axtmvXFuVg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "be3s5y0dx4bgsQboIoDduw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "brvvAQ6V7yp7QbUuk+W5Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "d4b/e0nx+/vPWuPB7oDzPw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "dRfu6Up2F2Ze+gJ21oSeug==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "dUT53gagQO5Ac9Bdlu5dAw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "dXglURzzdbLnOf14mab1Hg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "dobmrwm7aq9puvFHwNgXxw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "dv3AlW8tBL4D0mEPW7/Z2Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "eF2QIdrTmJlWmjQTkhntow==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "elSR7m8uLWd/kMl2jxTm/A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "evNF5YpSAxyFV7iWv3lSVw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:778656c04542093db6d3b6e07bffbcf6ec4b24709276be7cdf177fcb3666663a", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "fCmdLCR2Ix0ldnZL1Fa52A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "fqwKjkzVNvsxh6040zt05g==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "fyM9Y65kt8cTfJv4LKF7bg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "gP9HgvZWct50Kw/hM7BCKg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "gv6x84VyNacZgvJrC59jbQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "hdNUjYIlrdEAtBWAggakAw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "i4JkQ9JgSpZVyPFWOY5Bxw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "iWqdRZmp08/Tx22qEtmjJg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "jErhz6PtXvAy/EPWJ425rA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "jKa8Us2cqGejhOc2/n5DDA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "kq4lGEwi4agkgAJAkDs9Ng==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "krch6TQqNWzRi5F/dDkF+Q==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "l5lCPjtOmPM8/LLh9+NjeQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "l89yAZ/vyULk4EoaRdbg9w==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "lCjIskl1HulEHShaXtgmwQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "lvz5sq0NbU6sy/F1tg9uiQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "mlFDx1iAC2OWpmYHut2JHw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "nV87o429QBKIpM8DyOv4wg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "ngOu/a+sfrdDkZtETF1mgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "nmd/xrCD27AKRWAzA5JZCA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "npX4tBmidkxp2QJN/c3Ktw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "nwapLKtbHTjy1u8+aA0X+Q==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:0f372def914e585a52a46de64d0ed00b960c02f5f81a307d673e73b404203d61", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "oH9T0w9ZyXDCGJ6Np6n1Iw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "ozJ983JkaV259+RUbqutzw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "p+J9YgA22NC8PDODpTSxgw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "pHAWej2qVWZtoCQ5DGoRcQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "pZoLgWqHDgjhYQPevrtwdg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "q78XIEiJs5tQHLZtjoU3Fg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "qN2BSWBeEFRJnExMNJ1S0A==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "qrPZzwjmppjOiQbrGk5IQA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "rJ4UB7yOdBPwgrk5WLwIQw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "rUyBCRoo9C2erJrGUkvuDQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "s66OGd0F2Pbemhmyrg2R9w==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "sU05gaIadSYQd4+DxTnInw==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "sXwy5mmgqLM9WC30BdKwTA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:2f9c09f7c02f4403f9ec5313e53e63eafe6cd43993457b810ce1b9642812daec", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "tNSJ6slY9zv+TZ6de2MVDQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "tYADP/V07/lE8Qno1R/hhg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "uRB+svwXXxpR9DkvUVmAUQ==": [ { "package_db": "python:usr/local/lib/python3.11/site-packages", "introduced_in": "sha256:426f79092341b48e1b019e36b0a4bfac170655f18165147df411a1ca549d85a0", "distribution_id": "", "repository_ids": [ "84bc39b1-ea76-4e6c-b1b9-99ea1a0b6a1e" ] } ], "uXsuLx/plg6mDddGlE/9EA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "vqKK+x/7cGHNjLr4L7x4uQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "wkuBBC4B84P3b4K0fGF0OQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "xaMEpa2lawXi7R9jqzX8hA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "yYcMjCGhY/mc+KraTEHSJg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "zL6jHnohFUDkhEaUeTlPOQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "zQ8wKwnOqSw7e/gsx76vLQ==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "zRv/Q67g6qJWTz0qqj4+BA==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "zV4ikAKeqBYFSvXnkFMYgg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ], "zw9OGAXs3mWkBkmfKzbfqg==": [ { "package_db": "var/lib/dpkg/status", "introduced_in": "sha256:025c56f98b679f70b7a54241917e56da7b59ab9d2defecc6ebdb0bf2750484bb", "distribution_id": "5ad61b23-0caf-4921-8049-6ab39bd3cb7a", "repository_ids": null } ] }, "vulnerabilities": { "+N61/5529gFt7RkD8ooeKQ==": { "id": "+N61/5529gFt7RkD8ooeKQ==", "updater": "debian/updater", "name": "CVE-2023-0465", "description": "Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0465", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "+x9OyXfXk9PrekfsnPKwlg==": { "id": "+x9OyXfXk9PrekfsnPKwlg==", "updater": "debian/updater", "name": "CVE-2020-13529", "description": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2020-13529", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "/7UJLAHsMPxTtTxvuPgrzA==": { "id": "/7UJLAHsMPxTtTxvuPgrzA==", "updater": "debian/updater", "name": "CVE-2024-45491", "description": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45491", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "/YwO4YLRGgF2uWU55V6+MQ==": { "id": "/YwO4YLRGgF2uWU55V6+MQ==", "updater": "debian/updater", "name": "CVE-2019-1010022", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "08pa4udz9bnA9IOsE208DA==": { "id": "08pa4udz9bnA9IOsE208DA==", "updater": "debian/updater", "name": "CVE-2023-4039", "description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4039", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gcc-10", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "0H/7BkE/Q7YVSZhEABXg6w==": { "id": "0H/7BkE/Q7YVSZhEABXg6w==", "updater": "debian/updater", "name": "CVE-2024-26458", "description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-26458", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "0q/btA3zBEGWWmFxU7cNig==": { "id": "0q/btA3zBEGWWmFxU7cNig==", "updater": "debian/updater", "name": "CVE-2026-40225", "description": "In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40225", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "1U/zi3CEao+52y8LKU0uvw==": { "id": "1U/zi3CEao+52y8LKU0uvw==", "updater": "debian/updater", "name": "CVE-2021-36084", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36084", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "1VnWeA5AZgybyD8+PiXyiw==": { "id": "1VnWeA5AZgybyD8+PiXyiw==", "updater": "debian/updater", "name": "CVE-2025-70873", "description": "An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-70873", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "1dwwvWkARnFe67yAAGVglQ==": { "id": "1dwwvWkARnFe67yAAGVglQ==", "updater": "debian/updater", "name": "CVE-2023-31438", "description": "An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31438", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "27BVJE6xR0Z84LzifDnFYA==": { "id": "27BVJE6xR0Z84LzifDnFYA==", "updater": "debian/updater", "name": "CVE-2022-48303", "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-48303", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.34+dfsg-1+deb11u1" }, "3QDeWfKuntq5YxjjCuZXRQ==": { "id": "3QDeWfKuntq5YxjjCuZXRQ==", "updater": "debian/updater", "name": "CVE-2025-68160", "description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68160", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "3Z3QMUqCN4dQV+f8cjn1eA==": { "id": "3Z3QMUqCN4dQV+f8cjn1eA==", "updater": "debian/updater", "name": "CVE-2025-69420", "description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69420", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "3cBlPR7Tm4BIC/+wflldAg==": { "id": "3cBlPR7Tm4BIC/+wflldAg==", "updater": "debian/updater", "name": "CVE-2024-12243", "description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-12243", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u7" }, "5+uzHCKkmvMK8jl2uJkFqQ==": { "id": "5+uzHCKkmvMK8jl2uJkFqQ==", "updater": "debian/updater", "name": "CVE-2026-32777", "description": "libexpat before 2.7.5 allows an infinite loop while parsing DTD content.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32777", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "59rfj7X7Q9O1jyg5L5a5zQ==": { "id": "59rfj7X7Q9O1jyg5L5a5zQ==", "updater": "debian/updater", "name": "CVE-2024-37370", "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-37370", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u5" }, "5Cmp5KJXv+nVwwcs5/Kz7w==": { "id": "5Cmp5KJXv+nVwwcs5/Kz7w==", "updater": "debian/updater", "name": "CVE-2024-50602", "description": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-50602", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u7" }, "5IA1PesIyj05J2Yx0YB4tQ==": { "id": "5IA1PesIyj05J2Yx0YB4tQ==", "updater": "osv/pypi", "name": "ECHO-3d34-cec5-cf72", "description": "", "issued": "2026-01-23T11:00:38Z", "links": "https://advisory.echohq.com/cve/CVE-2026-24049", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "wheel", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=0.45.1%2Becho.1" }, "5OqCQlhu6kV+tAsgGEGuwQ==": { "id": "5OqCQlhu6kV+tAsgGEGuwQ==", "updater": "debian/updater", "name": "CVE-2026-27171", "description": "zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-27171", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "5rGwN3bKZLMvxcM/W4jj+A==": { "id": "5rGwN3bKZLMvxcM/W4jj+A==", "updater": "debian/updater", "name": "CVE-2026-29111", "description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-29111", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "6j23t/n6B77cQMxfCeLKzA==": { "id": "6j23t/n6B77cQMxfCeLKzA==", "updater": "debian/updater", "name": "CVE-2024-12133", "description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-12133", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "4.16.0-2+deb11u2" }, "6jg3v7lJ92IZCQpZydR2sA==": { "id": "6jg3v7lJ92IZCQpZydR2sA==", "updater": "debian/updater", "name": "CVE-2024-28757", "description": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28757", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "7DtFnnE8FjIpCQKunutpeg==": { "id": "7DtFnnE8FjIpCQKunutpeg==", "updater": "debian/updater", "name": "CVE-2020-16156", "description": "CPAN 2.28 allows Signature Verification Bypass.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2020-16156", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u4" }, "9JIazCQjSvYhpG9KE6d7Pg==": { "id": "9JIazCQjSvYhpG9KE6d7Pg==", "updater": "debian/updater", "name": "CVE-2025-8058", "description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-8058", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "9ThuL3zLKpmduvKpiDZ60w==": { "id": "9ThuL3zLKpmduvKpiDZ60w==", "updater": "debian/updater", "name": "CVE-2026-24515", "description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-24515", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "9sNDKQtqg7Z3gJr//JQlvg==": { "id": "9sNDKQtqg7Z3gJr//JQlvg==", "updater": "debian/updater", "name": "CVE-2025-32990", "description": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-32990", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "9xk1p07t4ZV999E3HyfhVA==": { "id": "9xk1p07t4ZV999E3HyfhVA==", "updater": "debian/updater", "name": "CVE-2026-5704", "description": "A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-5704", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ANq7+l7+5U6IDt9eU02u5w==": { "id": "ANq7+l7+5U6IDt9eU02u5w==", "updater": "debian/updater", "name": "CVE-2022-3219", "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3219", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ASrdm9EROwWp9Ip2w7HH5w==": { "id": "ASrdm9EROwWp9Ip2w7HH5w==", "updater": "debian/updater", "name": "CVE-2022-3821", "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3821", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u2" }, "AvPdNumiwGnBie+lo1du3A==": { "id": "AvPdNumiwGnBie+lo1du3A==", "updater": "debian/updater", "name": "CVE-2023-31486", "description": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31486", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "B78vSIll2muNDyY3F7urzw==": { "id": "B78vSIll2muNDyY3F7urzw==", "updater": "debian/updater", "name": "CVE-2026-34743", "description": "XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-34743", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "xz-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Ba+eHoq0U7aq9Kxwg98r8Q==": { "id": "Ba+eHoq0U7aq9Kxwg98r8Q==", "updater": "debian/updater", "name": "CVE-2025-8941", "description": "A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a \"complete\" fix for CVE-2025-6020.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-8941", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "BtqRPc7F47wJWygPNOxw1w==": { "id": "BtqRPc7F47wJWygPNOxw1w==", "updater": "debian/updater", "name": "CVE-2026-32778", "description": "libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32778", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "BxMnseA9J6OW2RWxSrlbyQ==": { "id": "BxMnseA9J6OW2RWxSrlbyQ==", "updater": "debian/updater", "name": "CVE-2021-36690", "description": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36690", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.34.1-3+deb11u1" }, "CaLsKNvkpKlxKVBlUnje9Q==": { "id": "CaLsKNvkpKlxKVBlUnje9Q==", "updater": "debian/updater", "name": "CVE-2021-36087", "description": "The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36087", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "CfS0L/tTata7W0FXXtQ4EQ==": { "id": "CfS0L/tTata7W0FXXtQ4EQ==", "updater": "debian/updater", "name": "CVE-2026-4438", "description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4438", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "CtYegggqGbMfg16G/qfITQ==": { "id": "CtYegggqGbMfg16G/qfITQ==", "updater": "debian/updater", "name": "CVE-2013-4235", "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-4235", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DJOf0vCfrT4GvRr/tBJhbg==": { "id": "DJOf0vCfrT4GvRr/tBJhbg==", "updater": "debian/updater", "name": "CVE-2024-33601", "description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33601", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "DRKFIYYNzLumACBV1CW/rw==": { "id": "DRKFIYYNzLumACBV1CW/rw==", "updater": "debian/updater", "name": "CVE-2022-35737", "description": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-35737", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DS2nhayHHtinLlFzZheSwg==": { "id": "DS2nhayHHtinLlFzZheSwg==", "updater": "debian/updater", "name": "CVE-2025-66382", "description": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-66382", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DfxJWBpJUY1aHu0ZUSilDg==": { "id": "DfxJWBpJUY1aHu0ZUSilDg==", "updater": "debian/updater", "name": "CVE-2018-6829", "description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-6829", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "DkvPjH9ZM3anH55rsU+i3w==": { "id": "DkvPjH9ZM3anH55rsU+i3w==", "updater": "debian/updater", "name": "CVE-2026-41080", "description": "libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-41080", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ELw1b1vO2YOtV7qNQijgCw==": { "id": "ELw1b1vO2YOtV7qNQijgCw==", "updater": "debian/updater", "name": "CVE-2026-4437", "description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4437", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "EYo03ICovWfCjw2cKpwx4Q==": { "id": "EYo03ICovWfCjw2cKpwx4Q==", "updater": "debian/updater", "name": "CVE-2005-2541", "description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2005-2541", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "EajCJi704nU1+LqESNMC1w==": { "id": "EajCJi704nU1+LqESNMC1w==", "updater": "debian/updater", "name": "CVE-2024-0727", "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0727", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "EvarhwbaAMrD3meGYFByGg==": { "id": "EvarhwbaAMrD3meGYFByGg==", "updater": "debian/updater", "name": "CVE-2023-50495", "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50495", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "F0zkrLGlbsix59P9mqoAOg==": { "id": "F0zkrLGlbsix59P9mqoAOg==", "updater": "debian/updater", "name": "CVE-2025-30258", "description": "In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a \"verification DoS.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-30258", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "G45dR+E8Wb+bEhCdwuqUDg==": { "id": "G45dR+E8Wb+bEhCdwuqUDg==", "updater": "debian/updater", "name": "CVE-2019-20838", "description": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-20838", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GPLYq884jQKVksfMc+b7OQ==": { "id": "GPLYq884jQKVksfMc+b7OQ==", "updater": "debian/updater", "name": "CVE-2022-1304", "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-1304", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "e2fsprogs", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.46.2-2+deb11u1" }, "GRlufCZFwHNK64OQNCFIcg==": { "id": "GRlufCZFwHNK64OQNCFIcg==", "updater": "debian/updater", "name": "CVE-2013-4392", "description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-4392", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GezxxUl3QPWUTitg/VHmlQ==": { "id": "GezxxUl3QPWUTitg/VHmlQ==", "updater": "debian/updater", "name": "CVE-2019-1010024", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010024", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "GmBi7n85v8sX6ItoMSgvlQ==": { "id": "GmBi7n85v8sX6ItoMSgvlQ==", "updater": "debian/updater", "name": "CVE-2025-9230", "description": "Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-9230", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u4" }, "HuTBrVHKx7uaMtQjiqifKQ==": { "id": "HuTBrVHKx7uaMtQjiqifKQ==", "updater": "debian/updater", "name": "CVE-2024-0567", "description": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0567", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u5" }, "IJPGr43VMeLym6tW3EWgdg==": { "id": "IJPGr43VMeLym6tW3EWgdg==", "updater": "debian/updater", "name": "CVE-2024-8176", "description": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-8176", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "IvA5abshk33BAuuBar/pVQ==": { "id": "IvA5abshk33BAuuBar/pVQ==", "updater": "debian/updater", "name": "CVE-2024-45492", "description": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45492", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "IwuADin5bagOGQErETBgWw==": { "id": "IwuADin5bagOGQErETBgWw==", "updater": "debian/updater", "name": "CVE-2026-4046", "description": "The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4046", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Jl0PQIP9L3ufSvQ2j71iww==": { "id": "Jl0PQIP9L3ufSvQ2j71iww==", "updater": "osv/pypi", "name": "GHSA-r9hx-vwmv-q579", "description": "pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)", "issued": "2022-12-23T00:30:23Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://github.com/pypa/setuptools/issues/3659 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://setuptools.pypa.io/en/latest https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20230214-0001 https://pyup.io/vulnerabilities/CVE-2022-40897/52495 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://github.com/pypa/setuptools https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=65.5.1" }, "KLrAiYCJHdmWQ2RaqUywlA==": { "id": "KLrAiYCJHdmWQ2RaqUywlA==", "updater": "debian/updater", "name": "CVE-2022-4304", "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4304", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "KZ3Jt7zkiM272dGLstI4XA==": { "id": "KZ3Jt7zkiM272dGLstI4XA==", "updater": "debian/updater", "name": "CVE-2013-0340", "description": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2013-0340", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "KaoEuixR8E5nnpGZ1pG25w==": { "id": "KaoEuixR8E5nnpGZ1pG25w==", "updater": "debian/updater", "name": "CVE-2024-0553", "description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-0553", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u5" }, "KvTZOL1MGCoBHaXdBx1RcA==": { "id": "KvTZOL1MGCoBHaXdBx1RcA==", "updater": "debian/updater", "name": "CVE-2024-10041", "description": "A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-10041", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "KwgIGMm765S+zvIBAwM9+g==": { "id": "KwgIGMm765S+zvIBAwM9+g==", "updater": "debian/updater", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4899", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libzstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "LD4zPH3rZZkbSPN5ojHClA==": { "id": "LD4zPH3rZZkbSPN5ojHClA==", "updater": "debian/updater", "name": "TEMP-0628843-DBAD28", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MDmWztEMrTY+VyVp5c+Fvw==": { "id": "MDmWztEMrTY+VyVp5c+Fvw==", "updater": "debian/updater", "name": "TEMP-0841856-B18BAF", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "bash", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MXRm//dBCnWFem5zffvqmA==": { "id": "MXRm//dBCnWFem5zffvqmA==", "updater": "debian/updater", "name": "CVE-2022-3715", "description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-3715", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "bash", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "MYYkxlB4Ank1zsdIh41apg==": { "id": "MYYkxlB4Ank1zsdIh41apg==", "updater": "debian/updater", "name": "CVE-2024-2961", "description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2961", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u9" }, "MdrEi+/OrLlW3zDrheID2Q==": { "id": "MdrEi+/OrLlW3zDrheID2Q==", "updater": "debian/updater", "name": "CVE-2025-59375", "description": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-59375", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Mmh4dm/jzK4QVSJqQVsCDw==": { "id": "Mmh4dm/jzK4QVSJqQVsCDw==", "updater": "debian/updater", "name": "CVE-2026-22796", "description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-22796", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "Mnnh2CmlXNNRCBXvqdG9ig==": { "id": "Mnnh2CmlXNNRCBXvqdG9ig==", "updater": "debian/updater", "name": "CVE-2026-28387", "description": "Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28387", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Mxv06g47iCk7QIqi7Xbojw==": { "id": "Mxv06g47iCk7QIqi7Xbojw==", "updater": "debian/updater", "name": "CVE-2023-45853", "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-45853", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "NYWveHKKsIYIKl+vE8UEhw==": { "id": "NYWveHKKsIYIKl+vE8UEhw==", "updater": "debian/updater", "name": "TEMP-0517018-A83CE6", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sysvinit", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Ns8JH9Yqo6xZiGzihN4B3g==": { "id": "Ns8JH9Yqo6xZiGzihN4B3g==", "updater": "debian/updater", "name": "CVE-2024-22365", "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-22365", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.4.0-9+deb11u2" }, "Nzgd66Rt/zG5Z8ZfbjecYA==": { "id": "Nzgd66Rt/zG5Z8ZfbjecYA==", "updater": "debian/updater", "name": "CVE-2024-26461", "description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-26461", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "OB48XTRaksNPWPm0dVHJmQ==": { "id": "OB48XTRaksNPWPm0dVHJmQ==", "updater": "debian/updater", "name": "CVE-2025-3576", "description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-3576", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u7" }, "OTqcMsspao5I6JZMETZ06w==": { "id": "OTqcMsspao5I6JZMETZ06w==", "updater": "debian/updater", "name": "CVE-2026-0915", "description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-0915", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "P4mYk7npVU6t91mlbAb8QA==": { "id": "P4mYk7npVU6t91mlbAb8QA==", "updater": "debian/updater", "name": "CVE-2024-2511", "description": "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2511", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "PJI8cpGpF5+qVan9H5W87Q==": { "id": "PJI8cpGpF5+qVan9H5W87Q==", "updater": "debian/updater", "name": "CVE-2024-28085", "description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28085", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.36.1-8+deb11u2" }, "PUY4fn57nsAU2qBLtgRtdw==": { "id": "PUY4fn57nsAU2qBLtgRtdw==", "updater": "osv/pypi", "name": "GHSA-6vgw-5pg2-w6jp", "description": "pip Path Traversal vulnerability", "issued": "2026-02-02T15:30:34Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2026-1703 https://github.com/pypa/pip/pull/13777 https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735 https://github.com/pypa/pip https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=26.0" }, "Pj9V3uC2c9o+P6lTpzzGeA==": { "id": "Pj9V3uC2c9o+P6lTpzzGeA==", "updater": "osv/pypi", "name": "PYSEC-2025-49", "description": "", "issued": "2025-05-17T16:15:19Z", "links": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=78.1.1" }, "QEROZuK4q+zt8UbP6ZV8wg==": { "id": "QEROZuK4q+zt8UbP6ZV8wg==", "updater": "debian/updater", "name": "CVE-2025-69418", "description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69418", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "QGq5D5QwQKPerzYOBVoSsg==": { "id": "QGq5D5QwQKPerzYOBVoSsg==", "updater": "osv/pypi", "name": "GHSA-cx63-2mw6-8hw5", "description": "setuptools vulnerable to Command Injection via package URL", "issued": "2024-07-15T03:30:57Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://github.com/pypa/setuptools/pull/4332 https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://github.com/pypa/setuptools https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://lists.debian.org/debian-lts-announce/2024/09/msg00018.html", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=70.0.0" }, "Qd2XnJZ3qaQ3AbyDXUaR2A==": { "id": "Qd2XnJZ3qaQ3AbyDXUaR2A==", "updater": "osv/pypi", "name": "PYSEC-2022-43012", "description": "", "issued": "2022-12-23T00:15:00Z", "links": "https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://pyup.io/vulnerabilities/CVE-2022-40897/52495/", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=65.5.1" }, "QopvyNp/5Ata9NdAUhFygw==": { "id": "QopvyNp/5Ata9NdAUhFygw==", "updater": "debian/updater", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-5278", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "SNR1VT02i1HBHxqGRTeBAQ==": { "id": "SNR1VT02i1HBHxqGRTeBAQ==", "updater": "debian/updater", "name": "CVE-2025-9820", "description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-9820", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u9" }, "T2SiDOPpMK0bU0Y0qkOm1A==": { "id": "T2SiDOPpMK0bU0Y0qkOm1A==", "updater": "debian/updater", "name": "CVE-2019-1010025", "description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "T4I8pNAq5VIHzHdHBx3kMA==": { "id": "T4I8pNAq5VIHzHdHBx3kMA==", "updater": "debian/updater", "name": "CVE-2025-24528", "description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-24528", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u6" }, "TN8d5UGyH2D+dtBNYjKyKg==": { "id": "TN8d5UGyH2D+dtBNYjKyKg==", "updater": "osv/pypi", "name": "ECHO-ffe1-1d3c-d9bc", "description": "", "issued": "2025-09-25T13:30:24Z", "links": "https://advisory.echohq.com/cve/CVE-2025-8869", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.2%2Becho.1" }, "Tcuyjettc5LT9G5wj3mSxw==": { "id": "Tcuyjettc5LT9G5wj3mSxw==", "updater": "debian/updater", "name": "CVE-2022-4450", "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4450", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "TgHh5yPuwUnIt8v9WawGYw==": { "id": "TgHh5yPuwUnIt8v9WawGYw==", "updater": "debian/updater", "name": "CVE-2025-6141", "description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6141", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "U3JbUhrT2SqWNuYU5d13cQ==": { "id": "U3JbUhrT2SqWNuYU5d13cQ==", "updater": "debian/updater", "name": "CVE-2021-33560", "description": "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-33560", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "U5598afGvRaltva6Rjqnug==": { "id": "U5598afGvRaltva6Rjqnug==", "updater": "debian/updater", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-4105", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "Ud6njM/DPIrfSPiFct82Lw==": { "id": "Ud6njM/DPIrfSPiFct82Lw==", "updater": "debian/updater", "name": "CVE-2023-52426", "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-52426", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "UdV1OleGh/0MAkug0ZAlcQ==": { "id": "UdV1OleGh/0MAkug0ZAlcQ==", "updater": "debian/updater", "name": "CVE-2026-25210", "description": "In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-25210", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "VzolVkOS5HseGzVTLzDMfA==": { "id": "VzolVkOS5HseGzVTLzDMfA==", "updater": "debian/updater", "name": "CVE-2023-39804", "description": "In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-39804", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.34+dfsg-1+deb11u1" }, "WCGqond4znYKCRcm4xyPrg==": { "id": "WCGqond4znYKCRcm4xyPrg==", "updater": "debian/updater", "name": "CVE-2007-5686", "description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2007-5686", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WG/hQnqUufOh6/5/mlRi/Q==": { "id": "WG/hQnqUufOh6/5/mlRi/Q==", "updater": "debian/updater", "name": "CVE-2023-31439", "description": "An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31439", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WHvU12ysgz1Ai1y1KSOiLA==": { "id": "WHvU12ysgz1Ai1y1KSOiLA==", "updater": "debian/updater", "name": "CVE-2024-33599", "description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33599", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "WWnQMI7f7f75SgC9Dcl+QQ==": { "id": "WWnQMI7f7f75SgC9Dcl+QQ==", "updater": "debian/updater", "name": "TEMP-0290435-0B57B5", "description": "", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "WcYPrwv9PSVoVoof5MRsxQ==": { "id": "WcYPrwv9PSVoVoof5MRsxQ==", "updater": "osv/pypi", "name": "PYSEC-2023-228", "description": "", "issued": "2023-10-25T18:17:00Z", "links": "https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/ https://github.com/pypa/pip/pull/12306", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=23.3" }, "WxlxRC1KqAo8Mejv03fZGA==": { "id": "WxlxRC1KqAo8Mejv03fZGA==", "updater": "debian/updater", "name": "CVE-2025-68972", "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68972", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "Xce4H7xsVfrtYV2aXED7xA==": { "id": "Xce4H7xsVfrtYV2aXED7xA==", "updater": "debian/updater", "name": "CVE-2017-18018", "description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-18018", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "XtT5+z5+yMbpdsyfkLItzA==": { "id": "XtT5+z5+yMbpdsyfkLItzA==", "updater": "debian/updater", "name": "CVE-2025-6395", "description": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6395", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "Y++3+aMTeU3vX7BI4/zG6w==": { "id": "Y++3+aMTeU3vX7BI4/zG6w==", "updater": "debian/updater", "name": "CVE-2025-14831", "description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-14831", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u9" }, "Y4A2Zm5xcsipvfluZVH5fA==": { "id": "Y4A2Zm5xcsipvfluZVH5fA==", "updater": "debian/updater", "name": "CVE-2026-0861", "description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc. Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-0861", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "YXTNVVKQsWY/LFuomB715g==": { "id": "YXTNVVKQsWY/LFuomB715g==", "updater": "debian/updater", "name": "CVE-2025-13151", "description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-13151", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZbWtFXr0WyByV4kCb3M6FA==": { "id": "ZbWtFXr0WyByV4kCb3M6FA==", "updater": "debian/updater", "name": "CVE-2023-5981", "description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-5981", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u4" }, "ZdGgPSEZdeQ3XJo0+ZpAXQ==": { "id": "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "updater": "debian/updater", "name": "CVE-2019-1010023", "description": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZrZi02myDWWW0L5oPQj/cg==": { "id": "ZrZi02myDWWW0L5oPQj/cg==", "updater": "debian/updater", "name": "CVE-2017-11164", "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-11164", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "ZxTVeoHgmvhWXsV+xLzphA==": { "id": "ZxTVeoHgmvhWXsV+xLzphA==", "updater": "debian/updater", "name": "CVE-2023-4813", "description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4813", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "aWm6E1ULjtuw0ydmFnsI4A==": { "id": "aWm6E1ULjtuw0ydmFnsI4A==", "updater": "debian/updater", "name": "CVE-2025-6297", "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6297", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "dpkg", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "afNm575eldgXY3DOGUNdqQ==": { "id": "afNm575eldgXY3DOGUNdqQ==", "updater": "debian/updater", "name": "CVE-2026-28388", "description": "Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application. When CRL processing and delta CRL processing is enabled during X.509 certificate verification, the delta CRL processing does not check whether the CRL Number extension is NULL before dereferencing it. When a malformed delta CRL file is being processed, this parameter can be NULL, causing a NULL pointer dereference. Exploiting this issue requires the X509_V_FLAG_USE_DELTAS flag to be enabled in the verification context, the certificate being verified to contain a freshestCRL extension or the base CRL to have the EXFLAG_FRESHEST flag set, and an attacker to provide a malformed CRL to an application that processes it. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28388", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "aqMHDRnPT+3QNU/8tSwsog==": { "id": "aqMHDRnPT+3QNU/8tSwsog==", "updater": "debian/updater", "name": "CVE-2019-9192", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-9192", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "b2D8D2g8yPwuRhswdqF0Rw==": { "id": "b2D8D2g8yPwuRhswdqF0Rw==", "updater": "debian/updater", "name": "CVE-2023-3446", "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-3446", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1v-0~deb11u1" }, "bBymk1eoEM+tVYB+/Crz+g==": { "id": "bBymk1eoEM+tVYB+/Crz+g==", "updater": "debian/updater", "name": "CVE-2024-28835", "description": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28835", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u6" }, "bNvH54V1y9cXsGaCXVwFVw==": { "id": "bNvH54V1y9cXsGaCXVwFVw==", "updater": "osv/pypi", "name": "GHSA-5rjg-fvgr-3xxf", "description": "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "issued": "2025-05-19T16:52:43Z", "links": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html", "severity": "HIGH", "normalized_severity": "High", "package": { "id": "", "name": "setuptools", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=78.1.1" }, "bX7iB3AnaRh9Z+itWa3Xyw==": { "id": "bX7iB3AnaRh9Z+itWa3Xyw==", "updater": "debian/updater", "name": "CVE-2026-31789", "description": "Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-31789", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "bZ2m6J3EIvmTdjYJprlOKA==": { "id": "bZ2m6J3EIvmTdjYJprlOKA==", "updater": "debian/updater", "name": "CVE-2021-36085", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36085", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "bjAyJcmSN59FnAeiA6RMIg==": { "id": "bjAyJcmSN59FnAeiA6RMIg==", "updater": "debian/updater", "name": "CVE-2026-28389", "description": "Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyAgreeRecipientInfo is processed, the optional parameters field of KeyEncryptionAlgorithmIdentifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28389", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "brAAPyN4siIQT5bxa9xu4g==": { "id": "brAAPyN4siIQT5bxa9xu4g==", "updater": "debian/updater", "name": "CVE-2023-47038", "description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-47038", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u3" }, "c9VxNhSZmjnQmY3rI/q1PA==": { "id": "c9VxNhSZmjnQmY3rI/q1PA==", "updater": "debian/updater", "name": "CVE-2025-15281", "description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-15281", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "cHpKoxiUOXPYUJX1ihMLDg==": { "id": "cHpKoxiUOXPYUJX1ihMLDg==", "updater": "debian/updater", "name": "CVE-2018-5709", "description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-5709", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "cZD87tDO2q60EFy3BAZ33g==": { "id": "cZD87tDO2q60EFy3BAZ33g==", "updater": "debian/updater", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0464", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "ce9B0jxjyNiCfG4VtZhnVw==": { "id": "ce9B0jxjyNiCfG4VtZhnVw==", "updater": "debian/updater", "name": "CVE-2011-4116", "description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-4116", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "d1D8ilhRqv7A6eAzRE4Ojw==": { "id": "d1D8ilhRqv7A6eAzRE4Ojw==", "updater": "debian/updater", "name": "CVE-2023-29491", "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-29491", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "6.2+20201114-2+deb11u2" }, "dFbvYO8avXWxbjXnm5ACqQ==": { "id": "dFbvYO8avXWxbjXnm5ACqQ==", "updater": "debian/updater", "name": "CVE-2023-36054", "description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-36054", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u4" }, "dUTZP+bcDNUqytJV02E1dQ==": { "id": "dUTZP+bcDNUqytJV02E1dQ==", "updater": "debian/updater", "name": "CVE-2025-6965", "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6965", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "dZ/H1sYv9QSX9VO93tlGLw==": { "id": "dZ/H1sYv9QSX9VO93tlGLw==", "updater": "osv/pypi", "name": "GHSA-4xh5-x5gv-qwph", "description": "pip's fallback tar extraction doesn't check symbolic links point to extraction directory", "issued": "2025-09-24T15:31:14Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2025-8869 https://github.com/pypa/pip/pull/13550 https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a https://github.com/pypa/pip https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN https://pip.pypa.io/en/stable/news/#v25-2", "severity": "MODERATE", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.3" }, "eietxU2AL+GdeSQwh6n6XA==": { "id": "eietxU2AL+GdeSQwh6n6XA==", "updater": "debian/updater", "name": "CVE-2023-0215", "description": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0215", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "epkSU4TSX3BVrueh1mbRzg==": { "id": "epkSU4TSX3BVrueh1mbRzg==", "updater": "debian/updater", "name": "CVE-2024-13176", "description": "Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would require either local access to the signing application or a very fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This can happen with significant probability only for some of the supported elliptic curves. In particular the NIST P-521 curve is affected. To be able to measure this leak, the attacker process must either be located in the same physical computer or must have a very fast network connection with low latency. For that reason the severity of this vulnerability is Low. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-13176", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u3" }, "f6s0c0I4Eo7U1vb/8R9ATg==": { "id": "f6s0c0I4Eo7U1vb/8R9ATg==", "updater": "debian/updater", "name": "CVE-2025-6020", "description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-6020", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "pam", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.4.0-9+deb11u2" }, "fUdim7gaWpwZtynNz5GiKg==": { "id": "fUdim7gaWpwZtynNz5GiKg==", "updater": "debian/updater", "name": "CVE-2023-0361", "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0361", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u3" }, "fXJD4KsFmfzjgWJPYHqTrQ==": { "id": "fXJD4KsFmfzjgWJPYHqTrQ==", "updater": "debian/updater", "name": "CVE-2019-8457", "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2019-8457", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "db5.3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "fharKhY7OXyx+gXJAwiegw==": { "id": "fharKhY7OXyx+gXJAwiegw==", "updater": "debian/updater", "name": "CVE-2025-29088", "description": "In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-29088", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "fkr6aZMLVO7g6mTdU91lcg==": { "id": "fkr6aZMLVO7g6mTdU91lcg==", "updater": "debian/updater", "name": "CVE-2026-3184", "description": "A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-3184", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "g44foSnimIkShQZtpEhjbQ==": { "id": "g44foSnimIkShQZtpEhjbQ==", "updater": "debian/updater", "name": "CVE-2011-3389", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-3389", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "g9KEtrzigl5TCrpvLCQU5A==": { "id": "g9KEtrzigl5TCrpvLCQU5A==", "updater": "debian/updater", "name": "CVE-2025-69419", "description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69419", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "gMRlXKqXSfP5n8UiPW430Q==": { "id": "gMRlXKqXSfP5n8UiPW430Q==", "updater": "debian/updater", "name": "CVE-2024-33602", "description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33602", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "h35IL7k4erNtmTSolINnjA==": { "id": "h35IL7k4erNtmTSolINnjA==", "updater": "osv/pypi", "name": "ECHO-7db2-03aa-5591", "description": "", "issued": "2026-02-03T08:35:22Z", "links": "https://advisory.echohq.com/cve/CVE-2026-1703", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=25.2%2Becho.1" }, "h7Lhy275V3QLvnBLGAulbw==": { "id": "h7Lhy275V3QLvnBLGAulbw==", "updater": "osv/pypi", "name": "PYSEC-2023-62", "description": "", "issued": "2023-05-02T18:15:00Z", "links": "https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965", "severity": "", "normalized_severity": "Unknown", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=2.2.5" }, "hb+m0qlWxENYdrb1R811qA==": { "id": "hb+m0qlWxENYdrb1R811qA==", "updater": "debian/updater", "name": "CVE-2026-32776", "description": "libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-32776", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "jJNc2KwFwVg03DlaNN1nbA==": { "id": "jJNc2KwFwVg03DlaNN1nbA==", "updater": "debian/updater", "name": "CVE-2023-4806", "description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4806", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "jS/WQ+ua63nFUvjSzoQw1g==": { "id": "jS/WQ+ua63nFUvjSzoQw1g==", "updater": "debian/updater", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-2236", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "libgcrypt20", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "k6VTDL+fxGnbqAk/IPGlnQ==": { "id": "k6VTDL+fxGnbqAk/IPGlnQ==", "updater": "debian/updater", "name": "CVE-2023-29383", "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-29383", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1:4.8.1-1+deb11u1" }, "k6fjQGJuJ+9NXMFLa5+CgA==": { "id": "k6fjQGJuJ+9NXMFLa5+CgA==", "updater": "debian/updater", "name": "CVE-2016-2781", "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2016-2781", "severity": "low", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "k82HOcJqNkts86KJ0glvow==": { "id": "k82HOcJqNkts86KJ0glvow==", "updater": "debian/updater", "name": "CVE-2023-31484", "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31484", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u4" }, "kgqUyyy6Fd5CUNREC3t1jg==": { "id": "kgqUyyy6Fd5CUNREC3t1jg==", "updater": "debian/updater", "name": "CVE-2025-32988", "description": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-32988", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u8" }, "khiBNMMi17UID6UagXI8LA==": { "id": "khiBNMMi17UID6UagXI8LA==", "updater": "debian/updater", "name": "CVE-2021-36086", "description": "The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-36086", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libsepol", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.1-1+deb11u1" }, "kwKUYCnvi/GndNgicLw/RQ==": { "id": "kwKUYCnvi/GndNgicLw/RQ==", "updater": "debian/updater", "name": "CVE-2023-0466", "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0466", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "kwonOUycdcBenNhjZ1b//Q==": { "id": "kwonOUycdcBenNhjZ1b//Q==", "updater": "osv/pypi", "name": "GHSA-68rp-wp8r-4726", "description": "Flask session does not add `Vary: Cookie` header when accessed in some ways", "issued": "2026-02-19T20:45:41Z", "links": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726 https://nvd.nist.gov/vuln/detail/CVE-2026-27205 https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4 https://github.com/pallets/flask https://github.com/pallets/flask/releases/tag/3.1.3", "severity": "LOW", "normalized_severity": "Low", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=3.1.3" }, "l6iyFrb04z9eZxh35gAtVA==": { "id": "l6iyFrb04z9eZxh35gAtVA==", "updater": "debian/updater", "name": "CVE-2025-0395", "description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-0395", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u12" }, "l8HSGkC4gSxCEUDns7KKfQ==": { "id": "l8HSGkC4gSxCEUDns7KKfQ==", "updater": "debian/updater", "name": "CVE-2011-3374", "description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2011-3374", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "apt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "lAYsMZ/1tV9arAE2k+zsAQ==": { "id": "lAYsMZ/1tV9arAE2k+zsAQ==", "updater": "debian/updater", "name": "CVE-2023-31437", "description": "An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-31437", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "lShmgiPGgmUIO0VwzhSBRA==": { "id": "lShmgiPGgmUIO0VwzhSBRA==", "updater": "debian/updater", "name": "CVE-2023-2650", "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-2650", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u5" }, "lnMcIzRPoETIbrbgdDGINA==": { "id": "lnMcIzRPoETIbrbgdDGINA==", "updater": "debian/updater", "name": "CVE-2021-46848", "description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-46848", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "libtasn1-6", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "4.16.0-2+deb11u1" }, "m619DfZfUke+jaTAnoZ2Xw==": { "id": "m619DfZfUke+jaTAnoZ2Xw==", "updater": "debian/updater", "name": "CVE-2023-7008", "description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-7008", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "m8d/cgBRVljmHKGy6mUUXw==": { "id": "m8d/cgBRVljmHKGy6mUUXw==", "updater": "debian/updater", "name": "CVE-2025-40909", "description": "Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-40909", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "perl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "5.32.1-4+deb11u5" }, "mJA9Uto8Hh0tElNp2qoYaA==": { "id": "mJA9Uto8Hh0tElNp2qoYaA==", "updater": "debian/updater", "name": "CVE-2017-7245", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-7245", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "meQYB1JR+XE3En/RrDfPvA==": { "id": "meQYB1JR+XE3En/RrDfPvA==", "updater": "debian/updater", "name": "CVE-2022-4415", "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-4415", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u2" }, "mj6UKCnVoHnC6YBWJGf/Ug==": { "id": "mj6UKCnVoHnC6YBWJGf/Ug==", "updater": "osv/pypi", "name": "GHSA-mq26-g339-26xf", "description": "Command Injection in pip when used with Mercurial", "issued": "2023-10-25T18:32:26Z", "links": "https://nvd.nist.gov/vuln/detail/CVE-2023-5752 https://github.com/pypa/pip/pull/12306 https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4 https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml https://github.com/pypa/pip https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "pip", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=23.3" }, "mnGTl6DWEAI0reOCEqb0jw==": { "id": "mnGTl6DWEAI0reOCEqb0jw==", "updater": "debian/updater", "name": "CVE-2022-0563", "description": "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-0563", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "n+1p0npJfBZ4vUpG1OFi6w==": { "id": "n+1p0npJfBZ4vUpG1OFi6w==", "updater": "debian/updater", "name": "CVE-2023-50868", "description": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50868", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "nApP7wP3SU/Fk79xF589WA==": { "id": "nApP7wP3SU/Fk79xF589WA==", "updater": "debian/updater", "name": "CVE-2026-40226", "description": "In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40226", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u8" }, "o75dmeL6883s7llfbkU+PA==": { "id": "o75dmeL6883s7llfbkU+PA==", "updater": "debian/updater", "name": "CVE-2024-45490", "description": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-45490", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "oeIf5WAd0bERBmJCeLsqIg==": { "id": "oeIf5WAd0bERBmJCeLsqIg==", "updater": "debian/updater", "name": "CVE-2017-7246", "description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-7246", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "pa+2016jZIT5xycgFHsAsQ==": { "id": "pa+2016jZIT5xycgFHsAsQ==", "updater": "debian/updater", "name": "CVE-2018-20796", "description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2018-20796", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "pmcR65l6CQ+6Qdh99gUtFQ==": { "id": "pmcR65l6CQ+6Qdh99gUtFQ==", "updater": "debian/updater", "name": "CVE-2023-52425", "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-52425", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.10-2+deb11u6" }, "pu8XvxoOXeKAI0tvpRRucg==": { "id": "pu8XvxoOXeKAI0tvpRRucg==", "updater": "debian/updater", "name": "CVE-2023-5678", "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-5678", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "qDLWFSo6NpfxWPhSeAS8zQ==": { "id": "qDLWFSo6NpfxWPhSeAS8zQ==", "updater": "debian/updater", "name": "CVE-2024-28834", "description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-28834", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnutls28", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.7.1-5+deb11u6" }, "qICU5RK5Z4CLAC7/kEZ48Q==": { "id": "qICU5RK5Z4CLAC7/kEZ48Q==", "updater": "debian/updater", "name": "CVE-2025-14104", "description": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-14104", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "qhu8cH6U47vSCL4GXDHHtA==": { "id": "qhu8cH6U47vSCL4GXDHHtA==", "updater": "debian/updater", "name": "CVE-2023-4641", "description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4641", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1:4.8.1-1+deb11u1" }, "qx22MhFBEwd9c5PrW7vjKw==": { "id": "qx22MhFBEwd9c5PrW7vjKw==", "updater": "debian/updater", "name": "CVE-2025-69720", "description": "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69720", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "s55QOTlka9E4jTdGv0d/FA==": { "id": "s55QOTlka9E4jTdGv0d/FA==", "updater": "debian/updater", "name": "CVE-2025-4802", "description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-4802", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u13" }, "srcIw8ffB6famHHqmqImEw==": { "id": "srcIw8ffB6famHHqmqImEw==", "updater": "debian/updater", "name": "CVE-2023-3817", "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-3817", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1v-0~deb11u1" }, "svo9ZP0wOZ7IXZp//n2f7g==": { "id": "svo9ZP0wOZ7IXZp//n2f7g==", "updater": "osv/pypi", "name": "GHSA-m2qf-hxjv-5gpq", "description": "Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header", "issued": "2023-05-01T19:22:20Z", "links": "https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://nvd.nist.gov/vuln/detail/CVE-2023-30861 https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965 https://github.com/pallets/flask https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pypa/advisory-database/tree/main/vulns/flask/PYSEC-2023-62.yaml https://lists.debian.org/debian-lts-announce/2023/08/msg00024.html https://security.netapp.com/advisory/ntap-20230818-0006 https://www.debian.org/security/2023/dsa-5442", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "flask", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "pypi", "uri": "https://pypi.org/", "cpe": "" }, "fixed_in_version": "fixed=2.2.5" }, "swQXHeTg1VEUQHser/6eEQ==": { "id": "swQXHeTg1VEUQHser/6eEQ==", "updater": "debian/updater", "name": "CVE-2023-50387", "description": "Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-50387", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u6" }, "t3CEDp5fZQ6D+aOizMiuSg==": { "id": "t3CEDp5fZQ6D+aOizMiuSg==", "updater": "debian/updater", "name": "CVE-2023-0286", "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-0286", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "tBbOIOCaKVlwik7hH/baMQ==": { "id": "tBbOIOCaKVlwik7hH/baMQ==", "updater": "debian/updater", "name": "CVE-2021-45346", "description": "A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2021-45346", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "tjx9raP+v/Zzj6SBJct3WA==": { "id": "tjx9raP+v/Zzj6SBJct3WA==", "updater": "debian/updater", "name": "CVE-2023-7104", "description": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-7104", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "sqlite3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "3.34.1-3+deb11u1" }, "tne7uZ2E+Ev6QI7ctt3PxA==": { "id": "tne7uZ2E+Ev6QI7ctt3PxA==", "updater": "debian/updater", "name": "CVE-2024-33600", "description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-33600", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u10" }, "u+ya+p/mAtLPAYAgbSPTTw==": { "id": "u+ya+p/mAtLPAYAgbSPTTw==", "updater": "debian/updater", "name": "CVE-2022-41409", "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-41409", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "u4BvRhFacDxQuC7pVeExQg==": { "id": "u4BvRhFacDxQuC7pVeExQg==", "updater": "debian/updater", "name": "CVE-2026-27456", "description": "util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-27456", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uEg5UAxE9NNjF71OxdO7uQ==": { "id": "uEg5UAxE9NNjF71OxdO7uQ==", "updater": "debian/updater", "name": "CVE-2017-16231", "description": "In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2017-16231", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "pcre3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uTSYWROavw8Bf2n+4djlMg==": { "id": "uTSYWROavw8Bf2n+4djlMg==", "updater": "debian/updater", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-4598", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "247.3-7+deb11u7" }, "ugZgSJOxFzPCX6LQaJzM3A==": { "id": "ugZgSJOxFzPCX6LQaJzM3A==", "updater": "debian/updater", "name": "CVE-2024-5535", "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-5535", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "uspznaGFEzt4cX0xZ36sYw==": { "id": "uspznaGFEzt4cX0xZ36sYw==", "updater": "debian/updater", "name": "CVE-2026-28390", "description": "Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyTransportRecipientInfo with RSA-OAEP encryption is processed, the optional parameters field of RSA-OAEP SourceFunc algorithm identifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-28390", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "uwoSIcSlln9YRd7N1Kc3KQ==": { "id": "uwoSIcSlln9YRd7N1Kc3KQ==", "updater": "debian/updater", "name": "CVE-2026-40228", "description": "In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a \"logger -p emerg\" command is executed, if ForwardToWall=yes is set.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-40228", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "vcYYj1nbYwczzoLG255iZQ==": { "id": "vcYYj1nbYwczzoLG255iZQ==", "updater": "debian/updater", "name": "CVE-2023-4039", "description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4039", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "gcc-9", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "vmet9boOEsf+RUsh5rJnEw==": { "id": "vmet9boOEsf+RUsh5rJnEw==", "updater": "debian/updater", "name": "CVE-2024-4741", "description": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications. The SSL_free_buffers function is used to free the internal OpenSSL buffer used when processing an incoming record from the network. The call is only expected to succeed if the buffer is not currently in use. However, two scenarios have been identified where the buffer is freed even when still in use. The first scenario occurs where a record header has been received from the network and processed by OpenSSL, but the full record body has not yet arrived. In this case calling SSL_free_buffers will succeed even though a record has only been partially processed and the buffer is still in use. The second scenario occurs where a full record containing application data has been received and processed by OpenSSL but the application has only read part of this data. Again a call to SSL_free_buffers will succeed even though the buffer is still in use. While these scenarios could occur accidentally during normal operation a malicious attacker could attempt to engineer a stituation where this occurs. We are not aware of this issue being actively exploited. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-4741", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "w4Wr213OT8TRxlHAy3MwPQ==": { "id": "w4Wr213OT8TRxlHAy3MwPQ==", "updater": "debian/updater", "name": "CVE-2010-4756", "description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2010-4756", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "wFMwqYmfC1KjDKz8vyBr4A==": { "id": "wFMwqYmfC1KjDKz8vyBr4A==", "updater": "debian/updater", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2023-4911", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.31-13+deb11u7" }, "wzv81XuYHOFtlrLHaamjZg==": { "id": "wzv81XuYHOFtlrLHaamjZg==", "updater": "debian/updater", "name": "CVE-2024-37371", "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-37371", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.18.3-6+deb11u5" }, "x3SWTcEL2lgEvouAhmt6fQ==": { "id": "x3SWTcEL2lgEvouAhmt6fQ==", "updater": "debian/updater", "name": "CVE-2025-27587", "description": "OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-27587", "severity": "unimportant", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "xZI5XEFq7Cuk3Mu3KyTdmg==": { "id": "xZI5XEFq7Cuk3Mu3KyTdmg==", "updater": "debian/updater", "name": "CVE-2024-56433", "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-56433", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "shadow", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "" }, "y2mOh8WlJTCvA6wlULAyvA==": { "id": "y2mOh8WlJTCvA6wlULAyvA==", "updater": "debian/updater", "name": "CVE-2025-68973", "description": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-68973", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "2.2.27-2+deb11u3" }, "ySGl3ADUS8EeTeweiO86Aw==": { "id": "ySGl3ADUS8EeTeweiO86Aw==", "updater": "debian/updater", "name": "CVE-2024-9143", "description": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we're aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2^m)) curves that can't represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2^m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2024-9143", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u2" }, "yyExMMKc3SPW2jNE01wTug==": { "id": "yyExMMKc3SPW2jNE01wTug==", "updater": "debian/updater", "name": "CVE-2026-22795", "description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2026-22795", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" }, "yyhzQNC9UPFT5NwvhGsvqg==": { "id": "yyhzQNC9UPFT5NwvhGsvqg==", "updater": "debian/updater", "name": "CVE-2022-2097", "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-2097", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1n-0+deb11u4" }, "zL8eGifGE7B+wAjTOBjRgQ==": { "id": "zL8eGifGE7B+wAjTOBjRgQ==", "updater": "debian/updater", "name": "CVE-2022-29458", "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2022-29458", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "6.2+20201114-2+deb11u1" }, "ziMZexwNoFxp4mgVOJVBNQ==": { "id": "ziMZexwNoFxp4mgVOJVBNQ==", "updater": "debian/updater", "name": "CVE-2025-69421", "description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "issued": "0001-01-01T00:00:00Z", "links": "https://security-tracker.debian.org/tracker/CVE-2025-69421", "severity": "not yet assigned", "normalized_severity": "Unknown", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "debian", "name": "Debian GNU/Linux", "version": "11 (bullseye)", "version_code_name": "bullseye", "version_id": "11", "arch": "", "cpe": "", "pretty_name": "Debian GNU/Linux 11 (bullseye)" }, "repository": { "cpe": "" }, "fixed_in_version": "1.1.1w-0+deb11u5" } }, "package_vulnerabilities": { "+ol9cHiNc+RWiD7Kw3TLCg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "0jMyX7UCIuSpntMN1r7Ofg==": [ "KwgIGMm765S+zvIBAwM9+g==" ], "2MObxiEVNllmUEzdVZM5qw==": [ "l8HSGkC4gSxCEUDns7KKfQ==" ], "3f992oeEQfSQxRA0nlq8Wg==": [ "DfxJWBpJUY1aHu0ZUSilDg==", "U3JbUhrT2SqWNuYU5d13cQ==", "jS/WQ+ua63nFUvjSzoQw1g==" ], "4jCPzhS6OWt4agz9d/cfTw==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "7a3yla6TRFZrhmAreU7f8Q==": [ "IvA5abshk33BAuuBar/pVQ==", "BtqRPc7F47wJWygPNOxw1w==", "6jg3v7lJ92IZCQpZydR2sA==", "o75dmeL6883s7llfbkU+PA==", "IJPGr43VMeLym6tW3EWgdg==", "DS2nhayHHtinLlFzZheSwg==", "5Cmp5KJXv+nVwwcs5/Kz7w==", "hb+m0qlWxENYdrb1R811qA==", "9ThuL3zLKpmduvKpiDZ60w==", "UdV1OleGh/0MAkug0ZAlcQ==", "pmcR65l6CQ+6Qdh99gUtFQ==", "/7UJLAHsMPxTtTxvuPgrzA==", "DkvPjH9ZM3anH55rsU+i3w==", "Ud6njM/DPIrfSPiFct82Lw==", "5+uzHCKkmvMK8jl2uJkFqQ==", "KZ3Jt7zkiM272dGLstI4XA==", "MdrEi+/OrLlW3zDrheID2Q==" ], "8alfBYUr5uWbAyB5PrY8Hg==": [ "uTSYWROavw8Bf2n+4djlMg==", "5rGwN3bKZLMvxcM/W4jj+A==", "ASrdm9EROwWp9Ip2w7HH5w==", "lAYsMZ/1tV9arAE2k+zsAQ==", "uwoSIcSlln9YRd7N1Kc3KQ==", "m619DfZfUke+jaTAnoZ2Xw==", "WG/hQnqUufOh6/5/mlRi/Q==", "swQXHeTg1VEUQHser/6eEQ==", "nApP7wP3SU/Fk79xF589WA==", "U5598afGvRaltva6Rjqnug==", "n+1p0npJfBZ4vUpG1OFi6w==", "1dwwvWkARnFe67yAAGVglQ==", "0q/btA3zBEGWWmFxU7cNig==", "meQYB1JR+XE3En/RrDfPvA==", "GRlufCZFwHNK64OQNCFIcg==", "+x9OyXfXk9PrekfsnPKwlg==" ], "Akbft1KN+9FKNhh1tM25eA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "BJL42acLPAR8bEnmM1Z3mg==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "CBzoMmlXBcyP54HOnauO0g==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "D0G6c/ML9XX4eoGHgx1jeQ==": [ "9JIazCQjSvYhpG9KE6d7Pg==", "ZxTVeoHgmvhWXsV+xLzphA==", "WHvU12ysgz1Ai1y1KSOiLA==", "DJOf0vCfrT4GvRr/tBJhbg==", "Y4A2Zm5xcsipvfluZVH5fA==", "GezxxUl3QPWUTitg/VHmlQ==", "jJNc2KwFwVg03DlaNN1nbA==", "w4Wr213OT8TRxlHAy3MwPQ==", "tne7uZ2E+Ev6QI7ctt3PxA==", "pa+2016jZIT5xycgFHsAsQ==", "l6iyFrb04z9eZxh35gAtVA==", "gMRlXKqXSfP5n8UiPW430Q==", "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "IwuADin5bagOGQErETBgWw==", "CfS0L/tTata7W0FXXtQ4EQ==", "MYYkxlB4Ank1zsdIh41apg==", "c9VxNhSZmjnQmY3rI/q1PA==", "s55QOTlka9E4jTdGv0d/FA==", "OTqcMsspao5I6JZMETZ06w==", "ELw1b1vO2YOtV7qNQijgCw==", "aqMHDRnPT+3QNU/8tSwsog==", "T2SiDOPpMK0bU0Y0qkOm1A==", "wFMwqYmfC1KjDKz8vyBr4A==", "/YwO4YLRGgF2uWU55V6+MQ==" ], "DtMxcnDA8Je9vAHjmzagaA==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "ExYxXcgoIRjAjUObwDE4jA==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "FJIijlwFNqvdoVBcfTF/pg==": [ "WCGqond4znYKCRcm4xyPrg==", "CtYegggqGbMfg16G/qfITQ==", "qhu8cH6U47vSCL4GXDHHtA==", "xZI5XEFq7Cuk3Mu3KyTdmg==", "LD4zPH3rZZkbSPN5ojHClA==", "k6VTDL+fxGnbqAk/IPGlnQ==" ], "G/7q+D+DsqYAVnohcyuzgQ==": [ "yyhzQNC9UPFT5NwvhGsvqg==", "ugZgSJOxFzPCX6LQaJzM3A==", "g9KEtrzigl5TCrpvLCQU5A==", "lShmgiPGgmUIO0VwzhSBRA==", "pu8XvxoOXeKAI0tvpRRucg==", "+N61/5529gFt7RkD8ooeKQ==", "Mmh4dm/jzK4QVSJqQVsCDw==", "vmet9boOEsf+RUsh5rJnEw==", "ziMZexwNoFxp4mgVOJVBNQ==", "t3CEDp5fZQ6D+aOizMiuSg==", "P4mYk7npVU6t91mlbAb8QA==", "eietxU2AL+GdeSQwh6n6XA==", "kwKUYCnvi/GndNgicLw/RQ==", "Mnnh2CmlXNNRCBXvqdG9ig==", "3Z3QMUqCN4dQV+f8cjn1eA==", "QEROZuK4q+zt8UbP6ZV8wg==", "ySGl3ADUS8EeTeweiO86Aw==", "uspznaGFEzt4cX0xZ36sYw==", "KLrAiYCJHdmWQ2RaqUywlA==", "Tcuyjettc5LT9G5wj3mSxw==", "afNm575eldgXY3DOGUNdqQ==", "epkSU4TSX3BVrueh1mbRzg==", "EajCJi704nU1+LqESNMC1w==", "b2D8D2g8yPwuRhswdqF0Rw==", "3QDeWfKuntq5YxjjCuZXRQ==", "bX7iB3AnaRh9Z+itWa3Xyw==", "srcIw8ffB6famHHqmqImEw==", "yyExMMKc3SPW2jNE01wTug==", "cZD87tDO2q60EFy3BAZ33g==", "x3SWTcEL2lgEvouAhmt6fQ==", "GmBi7n85v8sX6ItoMSgvlQ==", "bjAyJcmSN59FnAeiA6RMIg==" ], "Gm6VA87iOnaQ0rWR6oO9eA==": [ "u+ya+p/mAtLPAYAgbSPTTw==" ], "IQfQp74RcAWE7jHtQsMLHg==": [ "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "LOfpAnA/2f7zE4SFJCrxVg==": [ "5OqCQlhu6kV+tAsgGEGuwQ==", "Mxv06g47iCk7QIqi7Xbojw==" ], "MvKvHHnD0jaLaWpyHvkhgQ==": [ "WCGqond4znYKCRcm4xyPrg==", "CtYegggqGbMfg16G/qfITQ==", "qhu8cH6U47vSCL4GXDHHtA==", "xZI5XEFq7Cuk3Mu3KyTdmg==", "LD4zPH3rZZkbSPN5ojHClA==", "k6VTDL+fxGnbqAk/IPGlnQ==" ], "NzkVb7F31E+Vxxz3PCS6tg==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "PgPY5hWnihXRN45byvzY0g==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "R1TkRM71ql+JWgz0VF5ESQ==": [ "1U/zi3CEao+52y8LKU0uvw==", "bZ2m6J3EIvmTdjYJprlOKA==", "khiBNMMi17UID6UagXI8LA==", "CaLsKNvkpKlxKVBlUnje9Q==" ], "RAMuXEdVU4AJ/z4aiK/NNg==": [ "bNvH54V1y9cXsGaCXVwFVw==", "QGq5D5QwQKPerzYOBVoSsg==", "Jl0PQIP9L3ufSvQ2j71iww==", "Qd2XnJZ3qaQ3AbyDXUaR2A==", "Pj9V3uC2c9o+P6lTpzzGeA==" ], "RYsqO4ROpGMzzCO5WaTrlw==": [ "aWm6E1ULjtuw0ydmFnsI4A==" ], "RgdwX+VC70nXZ2E527PXaA==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "VbNyM3GfR5vEmJdFAiKqrA==": [ "vcYYj1nbYwczzoLG255iZQ==" ], "Wi4oa03apqVdR6okNeZiNA==": [ "KaoEuixR8E5nnpGZ1pG25w==", "kgqUyyy6Fd5CUNREC3t1jg==", "SNR1VT02i1HBHxqGRTeBAQ==", "9sNDKQtqg7Z3gJr//JQlvg==", "HuTBrVHKx7uaMtQjiqifKQ==", "3cBlPR7Tm4BIC/+wflldAg==", "bBymk1eoEM+tVYB+/Crz+g==", "ZbWtFXr0WyByV4kCb3M6FA==", "XtT5+z5+yMbpdsyfkLItzA==", "Y++3+aMTeU3vX7BI4/zG6w==", "fUdim7gaWpwZtynNz5GiKg==", "qDLWFSo6NpfxWPhSeAS8zQ==", "g44foSnimIkShQZtpEhjbQ==" ], "ZWeYh81MRCu1nh3mOyptIA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "bGWj1aSf0wvrecU/pdTv5A==": [ "08pa4udz9bnA9IOsE208DA==" ], "bHkSxcl6e1quNxLGb6uX8A==": [ "QopvyNp/5Ata9NdAUhFygw==", "k6fjQGJuJ+9NXMFLa5+CgA==", "Xce4H7xsVfrtYV2aXED7xA==" ], "bTSLWiizipO2axtmvXFuVg==": [ "YXTNVVKQsWY/LFuomB715g==", "lnMcIzRPoETIbrbgdDGINA==", "6j23t/n6B77cQMxfCeLKzA==" ], "brvvAQ6V7yp7QbUuk+W5Hg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "d4b/e0nx+/vPWuPB7oDzPw==": [ "9JIazCQjSvYhpG9KE6d7Pg==", "ZxTVeoHgmvhWXsV+xLzphA==", "WHvU12ysgz1Ai1y1KSOiLA==", "DJOf0vCfrT4GvRr/tBJhbg==", "Y4A2Zm5xcsipvfluZVH5fA==", "GezxxUl3QPWUTitg/VHmlQ==", "jJNc2KwFwVg03DlaNN1nbA==", "w4Wr213OT8TRxlHAy3MwPQ==", "tne7uZ2E+Ev6QI7ctt3PxA==", "pa+2016jZIT5xycgFHsAsQ==", "l6iyFrb04z9eZxh35gAtVA==", "gMRlXKqXSfP5n8UiPW430Q==", "ZdGgPSEZdeQ3XJo0+ZpAXQ==", "IwuADin5bagOGQErETBgWw==", "CfS0L/tTata7W0FXXtQ4EQ==", "MYYkxlB4Ank1zsdIh41apg==", "c9VxNhSZmjnQmY3rI/q1PA==", "s55QOTlka9E4jTdGv0d/FA==", "OTqcMsspao5I6JZMETZ06w==", "ELw1b1vO2YOtV7qNQijgCw==", "aqMHDRnPT+3QNU/8tSwsog==", "T2SiDOPpMK0bU0Y0qkOm1A==", "wFMwqYmfC1KjDKz8vyBr4A==", "/YwO4YLRGgF2uWU55V6+MQ==" ], "dUT53gagQO5Ac9Bdlu5dAw==": [ "NYWveHKKsIYIKl+vE8UEhw==" ], "dXglURzzdbLnOf14mab1Hg==": [ "EYo03ICovWfCjw2cKpwx4Q==", "VzolVkOS5HseGzVTLzDMfA==", "9xk1p07t4ZV999E3HyfhVA==", "27BVJE6xR0Z84LzifDnFYA==", "WWnQMI7f7f75SgC9Dcl+QQ==" ], "dobmrwm7aq9puvFHwNgXxw==": [ "08pa4udz9bnA9IOsE208DA==" ], "dv3AlW8tBL4D0mEPW7/Z2Q==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "eF2QIdrTmJlWmjQTkhntow==": [ "5IA1PesIyj05J2Yx0YB4tQ==" ], "elSR7m8uLWd/kMl2jxTm/A==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "evNF5YpSAxyFV7iWv3lSVw==": [ "yyhzQNC9UPFT5NwvhGsvqg==", "ugZgSJOxFzPCX6LQaJzM3A==", "g9KEtrzigl5TCrpvLCQU5A==", "lShmgiPGgmUIO0VwzhSBRA==", "pu8XvxoOXeKAI0tvpRRucg==", "+N61/5529gFt7RkD8ooeKQ==", "Mmh4dm/jzK4QVSJqQVsCDw==", "vmet9boOEsf+RUsh5rJnEw==", "ziMZexwNoFxp4mgVOJVBNQ==", "t3CEDp5fZQ6D+aOizMiuSg==", "P4mYk7npVU6t91mlbAb8QA==", "eietxU2AL+GdeSQwh6n6XA==", "kwKUYCnvi/GndNgicLw/RQ==", "Mnnh2CmlXNNRCBXvqdG9ig==", "3Z3QMUqCN4dQV+f8cjn1eA==", "QEROZuK4q+zt8UbP6ZV8wg==", "ySGl3ADUS8EeTeweiO86Aw==", "uspznaGFEzt4cX0xZ36sYw==", "KLrAiYCJHdmWQ2RaqUywlA==", "Tcuyjettc5LT9G5wj3mSxw==", "afNm575eldgXY3DOGUNdqQ==", "epkSU4TSX3BVrueh1mbRzg==", "EajCJi704nU1+LqESNMC1w==", "b2D8D2g8yPwuRhswdqF0Rw==", "3QDeWfKuntq5YxjjCuZXRQ==", "bX7iB3AnaRh9Z+itWa3Xyw==", "srcIw8ffB6famHHqmqImEw==", "yyExMMKc3SPW2jNE01wTug==", "cZD87tDO2q60EFy3BAZ33g==", "x3SWTcEL2lgEvouAhmt6fQ==", "GmBi7n85v8sX6ItoMSgvlQ==", "bjAyJcmSN59FnAeiA6RMIg==" ], "fCmdLCR2Ix0ldnZL1Fa52A==": [ "MXRm//dBCnWFem5zffvqmA==", "MDmWztEMrTY+VyVp5c+Fvw==" ], "hdNUjYIlrdEAtBWAggakAw==": [ "brAAPyN4siIQT5bxa9xu4g==", "7DtFnnE8FjIpCQKunutpeg==", "m8d/cgBRVljmHKGy6mUUXw==", "ce9B0jxjyNiCfG4VtZhnVw==", "k82HOcJqNkts86KJ0glvow==", "AvPdNumiwGnBie+lo1du3A==" ], "iWqdRZmp08/Tx22qEtmjJg==": [ "mJA9Uto8Hh0tElNp2qoYaA==", "oeIf5WAd0bERBmJCeLsqIg==", "ZrZi02myDWWW0L5oPQj/cg==", "uEg5UAxE9NNjF71OxdO7uQ==", "G45dR+E8Wb+bEhCdwuqUDg==" ], "jErhz6PtXvAy/EPWJ425rA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "jKa8Us2cqGejhOc2/n5DDA==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "kq4lGEwi4agkgAJAkDs9Ng==": [ "kwonOUycdcBenNhjZ1b//Q==", "svo9ZP0wOZ7IXZp//n2f7g==", "h7Lhy275V3QLvnBLGAulbw==" ], "krch6TQqNWzRi5F/dDkF+Q==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "l5lCPjtOmPM8/LLh9+NjeQ==": [ "WxlxRC1KqAo8Mejv03fZGA==", "ANq7+l7+5U6IDt9eU02u5w==", "y2mOh8WlJTCvA6wlULAyvA==", "F0zkrLGlbsix59P9mqoAOg==" ], "lCjIskl1HulEHShaXtgmwQ==": [ "d1D8ilhRqv7A6eAzRE4Ojw==", "qx22MhFBEwd9c5PrW7vjKw==", "EvarhwbaAMrD3meGYFByGg==", "TgHh5yPuwUnIt8v9WawGYw==", "zL8eGifGE7B+wAjTOBjRgQ==" ], "nwapLKtbHTjy1u8+aA0X+Q==": [ "h35IL7k4erNtmTSolINnjA==", "TN8d5UGyH2D+dtBNYjKyKg==", "dZ/H1sYv9QSX9VO93tlGLw==", "PUY4fn57nsAU2qBLtgRtdw==", "mj6UKCnVoHnC6YBWJGf/Ug==", "WcYPrwv9PSVoVoof5MRsxQ==" ], "pZoLgWqHDgjhYQPevrtwdg==": [ "GPLYq884jQKVksfMc+b7OQ==" ], "qN2BSWBeEFRJnExMNJ1S0A==": [ "fharKhY7OXyx+gXJAwiegw==", "DRKFIYYNzLumACBV1CW/rw==", "dUTZP+bcDNUqytJV02E1dQ==", "tjx9raP+v/Zzj6SBJct3WA==", "BxMnseA9J6OW2RWxSrlbyQ==", "tBbOIOCaKVlwik7hH/baMQ==", "1VnWeA5AZgybyD8+PiXyiw==" ], "qrPZzwjmppjOiQbrGk5IQA==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "s66OGd0F2Pbemhmyrg2R9w==": [ "uTSYWROavw8Bf2n+4djlMg==", "5rGwN3bKZLMvxcM/W4jj+A==", "ASrdm9EROwWp9Ip2w7HH5w==", "lAYsMZ/1tV9arAE2k+zsAQ==", "uwoSIcSlln9YRd7N1Kc3KQ==", "m619DfZfUke+jaTAnoZ2Xw==", "WG/hQnqUufOh6/5/mlRi/Q==", "swQXHeTg1VEUQHser/6eEQ==", "nApP7wP3SU/Fk79xF589WA==", "U5598afGvRaltva6Rjqnug==", "n+1p0npJfBZ4vUpG1OFi6w==", "1dwwvWkARnFe67yAAGVglQ==", "0q/btA3zBEGWWmFxU7cNig==", "meQYB1JR+XE3En/RrDfPvA==", "GRlufCZFwHNK64OQNCFIcg==", "+x9OyXfXk9PrekfsnPKwlg==" ], "tNSJ6slY9zv+TZ6de2MVDQ==": [ "B78vSIll2muNDyY3F7urzw==" ], "tYADP/V07/lE8Qno1R/hhg==": [ "08pa4udz9bnA9IOsE208DA==" ], "vqKK+x/7cGHNjLr4L7x4uQ==": [ "fXJD4KsFmfzjgWJPYHqTrQ==" ], "wkuBBC4B84P3b4K0fGF0OQ==": [ "PJI8cpGpF5+qVan9H5W87Q==", "fkr6aZMLVO7g6mTdU91lcg==", "qICU5RK5Z4CLAC7/kEZ48Q==", "u4BvRhFacDxQuC7pVeExQg==", "mnGTl6DWEAI0reOCEqb0jw==" ], "yYcMjCGhY/mc+KraTEHSJg==": [ "T4I8pNAq5VIHzHdHBx3kMA==", "0H/7BkE/Q7YVSZhEABXg6w==", "wzv81XuYHOFtlrLHaamjZg==", "59rfj7X7Q9O1jyg5L5a5zQ==", "Nzgd66Rt/zG5Z8ZfbjecYA==", "OB48XTRaksNPWPm0dVHJmQ==", "cHpKoxiUOXPYUJX1ihMLDg==", "dFbvYO8avXWxbjXnm5ACqQ==" ], "zV4ikAKeqBYFSvXnkFMYgg==": [ "f6s0c0I4Eo7U1vb/8R9ATg==", "Ns8JH9Yqo6xZiGzihN4B3g==", "KvTZOL1MGCoBHaXdBx1RcA==", "Ba+eHoq0U7aq9Kxwg98r8Q==" ], "zw9OGAXs3mWkBkmfKzbfqg==": [ "l8HSGkC4gSxCEUDns7KKfQ==" ] }, "enrichments": {} } pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: test-comp-yssu-on-pull-request-tfdwd-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 7, "warnings": [ { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: coreutils-8.32-4+b1 (CVE-2016-2781)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libsmartcols1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), gpgv-2.2.27-2+deb11u2 (CVE-2022-3219), libsystemd0-247.3-7+deb11u1 (CVE-2013-4392, CVE-2020-13529, CVE-2023-31437, CVE-2023-31438, CVE-2023-31439), perl-base-5.32.1-4+deb11u2 (CVE-2011-4116, CVE-2023-31486), tar-1.34+dfsg-1 (CVE-2005-2541, TEMP-0290435-0B57B5), libpcre3-2:8.39-13 (CVE-2017-11164, CVE-2017-16231, CVE-2017-7245, CVE-2017-7246, CVE-2019-20838), libgssapi-krb5-2-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), libgcc-s1-10.2.1-6 (CVE-2023-4039), coreutils-8.32-4+b1 (CVE-2017-18018, CVE-2025-5278), libmount1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libc6-2.31-13+deb11u5 (CVE-2010-4756, CVE-2018-20796, CVE-2019-1010022, CVE-2019-1010023, CVE-2019-1010024, CVE-2019-1010025, CVE-2019-9192), libstdc++6-10.2.1-6 (CVE-2023-4039), sysvinit-utils-2.96-7+deb11u1 (TEMP-0517018-A83CE6), libkrb5support0-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), gcc-9-base-9.3.0-22 (CVE-2023-4039), libexpat1-2.2.10-2+deb11u5 (CVE-2013-0340, CVE-2023-52426, CVE-2024-28757), libpcre2-8-0-10.36-2+deb11u1 (CVE-2022-41409), libapt-pkg6.0-2.2.4 (CVE-2011-3374), util-linux-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), mount-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), openssl-1.1.1n-0+deb11u3 (CVE-2025-27587), libudev1-247.3-7+deb11u1 (CVE-2013-4392, CVE-2020-13529, CVE-2023-31437, CVE-2023-31438, CVE-2023-31439), libk5crypto3-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), libssl1.1-1.1.1n-0+deb11u3 (CVE-2025-27587), apt-2.2.4 (CVE-2011-3374), libblkid1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libc-bin-2.31-13+deb11u5 (CVE-2010-4756, CVE-2018-20796, CVE-2019-1010022, CVE-2019-1010023, CVE-2019-1010024, CVE-2019-1010025, CVE-2019-9192), gcc-10-base-10.2.1-6 (CVE-2023-4039), libgcrypt20-1.8.7-6 (CVE-2018-6829, CVE-2024-2236), passwd-1:4.8.1-1 (CVE-2007-5686, CVE-2013-4235, TEMP-0628843-DBAD28), libuuid1-2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libgnutls30-3.7.1-5+deb11u2 (CVE-2011-3389), bsdutils-1:2.36.1-8+deb11u1 (CVE-2022-0563, CVE-2025-14104), libsqlite3-0-3.34.1-3 (CVE-2021-45346, CVE-2022-35737, CVE-2025-29088, CVE-2025-70873), libkrb5-3-1.18.3-6+deb11u3 (CVE-2018-5709, CVE-2024-26458, CVE-2024-26461), login-1:4.8.1-1 (CVE-2007-5686, CVE-2013-4235, TEMP-0628843-DBAD28), bash-5.1-2+deb11u1 (TEMP-0841856-B18BAF)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 89 } }, { "msg": "Found packages with unpatched unknown vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libsmartcols1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), gpgv-2.2.27-2+deb11u2 (CVE-2025-30258, CVE-2025-68972), libsystemd0-247.3-7+deb11u1 (CVE-2026-40228), ncurses-base-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libpam-modules-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), zlib1g-1:1.2.11.dfsg-2+deb11u2 (CVE-2023-45853, CVE-2026-27171), libpam-runtime-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), tar-1.34+dfsg-1 (CVE-2026-5704), libtinfo6-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libmount1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), liblzma5-5.2.5-2.1~deb11u1 (CVE-2026-34743), libc6-2.31-13+deb11u5 (CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437, CVE-2026-4438), ncurses-bin-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libexpat1-2.2.10-2+deb11u5 (CVE-2024-8176, CVE-2025-59375, CVE-2025-66382, CVE-2026-24515, CVE-2026-25210, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-41080), util-linux-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), mount-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), openssl-1.1.1n-0+deb11u3 (CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789), libudev1-247.3-7+deb11u1 (CVE-2026-40228), libssl1.1-1.1.1n-0+deb11u3 (CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-31789), libblkid1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libpam-modules-bin-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), libc-bin-2.31-13+deb11u5 (CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046, CVE-2026-4437, CVE-2026-4438), libgcrypt20-1.8.7-6 (CVE-2021-33560), dpkg-1.20.12 (CVE-2025-6297), passwd-1:4.8.1-1 (CVE-2024-56433), libuuid1-2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libdb5.3-5.3.28+dfsg1-0.8 (CVE-2019-8457), libpam0g-1.4.0-9+deb11u1 (CVE-2024-10041, CVE-2025-8941), libtasn1-6-4.16.0-2 (CVE-2025-13151), bsdutils-1:2.36.1-8+deb11u1 (CVE-2026-27456, CVE-2026-3184), libzstd1-1.4.8+dfsg-2.1 (CVE-2022-4899), libncursesw6-6.2+20201114-2 (CVE-2023-50495, CVE-2025-6141, CVE-2025-69720), libsqlite3-0-3.34.1-3 (CVE-2025-6965), login-1:4.8.1-1 (CVE-2024-56433), bash-5.1-2+deb11u1 (CVE-2022-3715)", "name": "clair_unpatched_unknown_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 88 } } ] } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":1,"low":89,"unknown":88}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90", "digests": ["sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37"]}} {"result":"SUCCESS","timestamp":"2026-04-19T13:59:58+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-comp-yssu-on-pull-request-tfdwd-clamav-scan-pod | init container: prepare 2026/04/19 13:55:04 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-clamav-scan-pod | init container: place-scripts 2026/04/19 13:55:05 Decoded script /tekton/scripts/script-0-hh6p2 2026/04/19 13:55:05 Decoded script /tekton/scripts/script-1-6rck2 pod: test-comp-yssu-on-pull-request-tfdwd-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 38.355 sec (0 m 38 s) Start Date: 2026:04:19 13:57:05 End Date: 2026:04:19 13:57:43 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27975/Sat Apr 18 06:26:10 2026 Database version: 27975 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1776607063","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607063","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607063","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90", "digests": ["sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37"]}} pod: test-comp-yssu-on-pull-request-tfdwd-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 841ea7f5385d clamscan-result-amd64.log Uploading 6440c9173c93 clamscan-ec-test-amd64.json Uploaded 6440c9173c93 clamscan-ec-test-amd64.json Uploaded 841ea7f5385d clamscan-result-amd64.log Uploading b5d5e434603e application/vnd.oci.image.manifest.v1+json Uploaded b5d5e434603e application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 Digest: sha256:b5d5e434603eb0e3e21f5b0cf16868c1e2c762f07584b00767c8cfc1cdcdf54c pod: test-comp-yssu-on-pull-request-tfdwd-clone-repository-pod | init container: prepare 2026/04/19 13:52:44 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-clone-repository-pod | init container: place-scripts 2026/04/19 13:52:44 Decoded script /tekton/scripts/script-0-m5xch 2026/04/19 13:52:44 Decoded script /tekton/scripts/script-1-xmvkg pod: test-comp-yssu-on-pull-request-tfdwd-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776606769.0196686,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606769.262471,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-python-basic @ d981b3febb34efc636b69c342ae5be53aa224b90 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1776606769.2625225,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606769.290624,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision d981b3febb34efc636b69c342ae5be53aa224b90 directly. pod: test-comp-yssu-on-pull-request-tfdwd-clone-repository-pod | container step-symlink-check: Running symlink check pod: test-comp-yssu-on-pull-request-tfdwd-clone-repository-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf) Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Executing: oras push --annotation=quay.expires-after=6h --registry-config /tmp/create-oci.sh.WI2Gv9/auth-eDAYz7.json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90.git SOURCE_ARTIFACT Uploading e5afa59a44d2 SOURCE_ARTIFACT Uploaded e5afa59a44d2 SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:030f8422a44a930ea206f1310d81ce01c648187b642b8dd4464b859079db94a7 Artifacts created pod: test-comp-yssu-on-pull-request-tfdwd-init-pod | init container: prepare 2026/04/19 13:52:36 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-init-pod | container step-init: time="2026-04-19T13:52:40Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:40Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:40Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:40Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:40Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:40Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:41Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:41Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:41Z" level=info msg="[result] NO PROXY: " pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | init container: prepare 2026/04/19 13:52:54 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | init container: place-scripts 2026/04/19 13:52:55 Decoded script /tekton/scripts/script-0-zp5jc 2026/04/19 13:52:55 Decoded script /tekton/scripts/script-2-4lp4s pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | container step-skip-ta: pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | container step-use-trusted-artifact: WARN: found skip file in /var/workdir/source pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-19T13:53:18Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-19T13:53:18Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:53:18Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-19T13:53:18Z" level=info msg="[param] source-dir: /var/workdir/source" time="2026-04-19T13:53:18Z" level=info msg="[param] output-dir: /var/workdir/cachi2/output" time="2026-04-19T13:53:18Z" level=info msg="[param] sbom-format: spdx" time="2026-04-19T13:53:18Z" level=info msg="[param] mode: strict" time="2026-04-19T13:53:18Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-19T13:53:18Z" level=info msg="[param] env-files: [/var/workdir/cachi2/cachi2.env]" time="2026-04-19T13:53:18Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-19T13:53:19Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-19T13:53:19Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-19T13:53:19Z" level=debug msg="Finished prefetch-dependencies" pod: test-comp-yssu-on-pull-request-tfdwd-prefetch-dependencies-pod | container step-create-trusted-artifact: WARN: found skip file in /var/workdir/source WARN: found skip file in /var/workdir/cachi2 pod: test-comp-yssu-on-pull-request-tfdwd-push-dockerfile-pod | init container: prepare 2026/04/19 13:55:01 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-push-dockerfile-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Executing: oras blob fetch --registry-config /tmp/use-oci.sh.3AijH8/auth-wq31kN.json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf to /var/workdir/source pod: test-comp-yssu-on-pull-request-tfdwd-push-dockerfile-pod | container step-push: time="2026-04-19T13:55:12Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90" time="2026-04-19T13:55:12Z" level=info msg="[param] image-digest: sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37" time="2026-04-19T13:55:12Z" level=info msg="[param] containerfile: docker/Dockerfile" time="2026-04-19T13:55:12Z" level=info msg="[param] context: ." time="2026-04-19T13:55:12Z" level=info msg="[param] tag-suffix: .dockerfile" time="2026-04-19T13:55:12Z" level=info msg="[param] artifact-type: application/vnd.konflux.dockerfile" time="2026-04-19T13:55:12Z" level=info msg="[param] source: source" time="2026-04-19T13:55:12Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:55:12Z" level=info msg="[param] alternative-filename: Dockerfile" time="2026-04-19T13:55:13Z" level=info msg="oras [stdout] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:2d58de03839ce2aae03ba36f44753d4ffe05ea0499a0e960b117579a549af180" logger=CliExecutor time="2026-04-19T13:55:13Z" level=info msg="Containerfile '/var/workdir/source/docker/Dockerfile' is pushed to registry with tag: sha256-707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37.dockerfile" {"image_ref":"quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:2d58de03839ce2aae03ba36f44753d4ffe05ea0499a0e960b117579a549af180"} pod: test-comp-yssu-on-pull-request-tfdwd-sast-shell-check-pod | init container: prepare 2026/04/19 13:55:04 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-sast-shell-check-pod | init container: place-scripts 2026/04/19 13:55:05 Decoded script /tekton/scripts/script-1-xxj8h 2026/04/19 13:55:05 Decoded script /tekton/scripts/script-2-2f6zp pod: test-comp-yssu-on-pull-request-tfdwd-sast-shell-check-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Executing: oras blob fetch --registry-config /tmp/use-oci.sh.C8NRnT/auth-Ehb6WZ.json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: test-comp-yssu-on-pull-request-tfdwd-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=test-comp-yssu + echo 'INFO: The PROJECT_NAME used is: test-comp-yssu' INFO: The PROJECT_NAME used is: test-comp-yssu INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/var/workdir/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/var/workdir/source/. ++ realpath -m /var/workdir/source/. + resolved_path=/var/workdir/source + [[ /var/workdir/source == \/\v\a\r\/\w\o\r\k\d\i\r\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' + /usr/share/csmock/scripts/run-shellcheck.sh /var/workdir/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/var/workdir/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-103.json ./shellcheck-results/sc-113.json ./shellcheck-results/sc-117.json ./shellcheck-results/sc-120.json ./shellcheck-results/sc-70.json ./shellcheck-results/sc-73.json ./shellcheck-results/sc-74.json ./shellcheck-results/sc-76.json ./shellcheck-results/sc-79.json ./shellcheck-results/sc-82.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' ShellCheck results have been saved to shellcheck-results.json + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + TEST_OUTPUT= + parse_test_output sast-shell-check-oci-ta sarif shellcheck-results.sarif + TEST_NAME=sast-shell-check-oci-ta + TEST_RESULT_FORMAT=sarif + TEST_RESULT_FILE=shellcheck-results.sarif + '[' -z sast-shell-check-oci-ta ']' + '[' -z sarif ']' + '[' -z shellcheck-results.sarif ']' + '[' '!' -f shellcheck-results.sarif ']' + '[' sarif = sarif ']' +++ jq -rce '(if (.runs[].results | length > 0) then "FAILURE" else "SUCCESS" end)' shellcheck-results.sarif +++ jq -rce '(.runs[].results | length)' shellcheck-results.sarif ++ make_result_json -r SUCCESS -f 0 ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ FAILURES=0 ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:56:53+00:00 --arg result SUCCESS --arg note 'For details, check Tekton task log.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ jq .failures + '[' 0 -gt 0 ']' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:56:53+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: test-comp-yssu-on-pull-request-tfdwd-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Uploading 3b606a9dd3a1 shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 8b6402a9f8ca application/vnd.oci.image.manifest.v1+json Uploaded 8b6402a9f8ca application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 Digest: sha256:8b6402a9f8ca606ed138265d916ada39550cc6cc3b56b9213dd707a608bbcff1 No excluded-findings.json exists. Skipping upload. pod: test-comp-yssu-on-pull-request-tfdwd-sast-unicode-check-pod | init container: prepare 2026/04/19 13:55:00 Entrypoint initialization pod: test-comp-yssu-on-pull-request-tfdwd-sast-unicode-check-pod | init container: place-scripts 2026/04/19 13:55:00 Decoded script /tekton/scripts/script-1-f25j9 2026/04/19 13:55:00 Decoded script /tekton/scripts/script-2-t4gn6 pod: test-comp-yssu-on-pull-request-tfdwd-sast-unicode-check-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Executing: oras blob fetch --registry-config /tmp/use-oci.sh.nvLm1Z/auth-E2Usaz.json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf --output - Restored artifact quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu@sha256:e5afa59a44d24608a15038d8e22d40e4f32f8c7e339720c865fd307e60d65abf to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: test-comp-yssu-on-pull-request-tfdwd-sast-unicode-check-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT INFO: The PROJECT_NAME used is: test-comp-yssu + [[ -z '' ]] + PROJECT_NAME=test-comp-yssu + echo 'INFO: The PROJECT_NAME used is: test-comp-yssu' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust + SCAN_PROP=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + find_unicode_control.py -p bidi -v -d -t /var/workdir/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/var/workdir/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check-oci-ta success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check-oci-ta success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check-oci-ta success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:55:47+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check-oci-ta success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:55:47+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:55:47+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:55:47+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:55:47+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:55:47+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: test-comp-yssu-on-pull-request-tfdwd-sast-unicode-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Attaching to quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 1da9b99b8b41 sast_unicode_check_out.sarif Uploaded 1da9b99b8b41 sast_unicode_check_out.sarif Uploading 13095bc0d2e1 application/vnd.oci.image.manifest.v1+json Uploaded 13095bc0d2e1 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90@sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 Digest: sha256:13095bc0d2e1aefd9bb4d960411221a4589ab81517a03b4b8909b6bdf1d84a32 No excluded-findings.json exists. Skipping upload. pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | init container: prepare 2026/04/19 13:56:58 Entrypoint initialization pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | init container: place-scripts 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-0-lqppq 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-1-prxwk 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-2-pc6bk 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-3-b9wvf 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-4-9fcjs 2026/04/19 13:56:59 Decoded script /tekton/scripts/script-5-fq4dm pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 The media type of the OCI artifact is application/vnd.oci.image.manifest.v1+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 Using token for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu Auth json written to "/auth/auth.json". pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-set-skip-for-bundles: 2026/04/19 13:57:04 INFO Step was skipped due to when expressions were evaluated to false. pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-app-check: time="2026-04-19T13:57:04Z" level=info msg="certification library version" version="1.17.1 <commit: f7de82ae1c76e6c10ea94967d6b6a66f96248cbe>" time="2026-04-19T13:57:05Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 for platform amd64" time="2026-04-19T13:57:05Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90" time="2026-04-19T13:57:09Z" level=error msg="could not get rpm list, continuing without it" error="could not find rpm db/packages: stat /tmp/preflight-888752448/fs/usr/lib/sysimage/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-888752448/fs/var/lib/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-888752448/fs/var/lib/rpm/Packages: no such file or directory" time="2026-04-19T13:57:09Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-888752448/fs/licenses: no such file or directory" check=HasLicense time="2026-04-19T13:57:09Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-04-19T13:57:09Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-04-19T13:57:09Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-04-19T13:57:09Z" level=info msg="check completed" check=HasNoProhibitedPackages err="unable to get a list of all packages in the image: could not get rpm list: could not find rpm db/packages: stat /tmp/preflight-888752448/fs/usr/lib/sysimage/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-888752448/fs/var/lib/rpm/rpmdb.sqlite: no such file or directory\nstat /tmp/preflight-888752448/fs/var/lib/rpm/Packages: no such file or directory" result=ERROR time="2026-04-19T13:57:09Z" level=info msg="check completed" check=HasRequiredLabel result=FAILED time="2026-04-19T13:57:09Z" level=info msg="detected empty USER. Presumed to be running as root" check=RunAsNonRoot time="2026-04-19T13:57:09Z" level=info msg="USER value must be provided and be a non-root value for this check to pass" check=RunAsNonRoot time="2026-04-19T13:57:09Z" level=info msg="check completed" check=RunAsNonRoot result=FAILED time="2026-04-19T13:57:12Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-04-19T13:57:13Z" level=info msg="check completed" check=BasedOnUbi result=FAILED time="2026-04-19T13:57:13Z" level=info msg="This image's tag on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 will be paired with digest sha256:707fe2d1b91e82dce021bea30fc8af5a2e2be21f3a62422b184d4c8e47306d37 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.1", "commit": "f7de82ae1c76e6c10ea94967d6b6a66f96248cbe" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasModifiedFiles", "elapsed_time": 3782, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata", "help": "Check HasRequiredLabel encountered an error. Please review the preflight.log file for more information.", "suggestion": "Add the following labels to your Dockerfile or Containerfile: name, vendor, version, release, summary, description, maintainer.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication", "help": "Check RunAsNonRoot encountered an error. Please review the preflight.log file for more information.", "suggestion": "Indicate a specific USER in the dockerfile or containerfile", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" }, { "name": "BasedOnUbi", "elapsed_time": 115, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)", "help": "Check BasedOnUbi encountered an error. Please review the preflight.log file for more information.", "suggestion": "Change the FROM directive in your Dockerfile or Containerfile, for the latest list of images and details refer to: https://catalog.redhat.com/software/base-images", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [ { "name": "HasNoProhibitedPackages", "elapsed_time": 0, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages.", "help": "Check HasNoProhibitedPackages encountered an error. Please review the preflight.log file for more information." } ] } } time="2026-04-19T13:57:13Z" level=info msg="Preflight result: FAILED" pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-app-set-outcome: {"result":"ERROR","timestamp":"1776607033","note":"Task preflight is a ERROR: Refer to Tekton task logs for more information","successes":3,"failures":4,"warnings":0}[retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/build-e2e-kzwe/test-comp-yssu:on-pr-d981b3febb34efc636b69c342ae5be53aa224b90 pod: test-comp-yssu-on-pull-requf42331553f29cbc37069447770eae8bc-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"ERROR","timestamp":"1776607033","note":"Task preflight is a ERROR: Refer to Tekton task logs for more information","successes":3,"failures":4,"warnings":0}New PipelineRun test-comp-yssu-on-pull-request-dl46g found after retrigger for component build-e2e-kzwe/test-comp-yssu PipelineRun test-comp-yssu-on-pull-request-dl46g found for Component build-e2e-kzwe/test-comp-yssu PipelineRun test-comp-yssu-on-pull-request-dl46g reason: ResolvingTaskRef PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Running PipelineRun test-comp-yssu-on-pull-request-dl46g reason: Completed < Exit [It] should eventually finish successfully for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:356 @ 04/19/26 14:07:57.329 (2m56.218s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:07:57.329 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:07:57.329 (0s) > Enter [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:07:57.33 < Exit [It] should push Dockerfile to registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:366 @ 04/19/26 14:08:01.331 (4.001s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.332 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.332 (0s) > Enter [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:08:01.332 [SKIPPED] floating tag validation is not needed for: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:380 @ 04/19/26 14:08:01.332 < Exit [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:378 @ 04/19/26 14:08:01.332 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.332 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.332 (0s) > Enter [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:08:01.333 < Exit [It] image manifest mediaType is correct - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:395 @ 04/19/26 14:08:01.654 (322ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.655 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.655 (0s) > Enter [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:08:01.655 Source build is enabled: false [SKIPPED] Skipping source image check since it is not enabled in the pipeline In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:440 @ 04/19/26 14:08:01.674 < Exit [It] check for source images if enabled in pipeline - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:420 @ 04/19/26 14:08:01.674 (19ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.675 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.675 (0s) > Enter [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:08:01.675 < Exit [BeforeAll] when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:477 @ 04/19/26 14:08:01.77 (95ms) > Enter [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:08:01.771 records for PipelineRun test-comp-yssu-on-pull-request-dl46g: &{[{build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/6dd7ae19-1d7f-4991-be26-bb6094935d27 0225e839-49b5-4212-b0c8-399c1a8931b7 0225e839-49b5-4212-b0c8-399c1a8931b7} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/c6b62e44-7c8e-4c0b-8ab6-989c8b404720 14b739a3-59f2-4ce1-858f-728f751236ac 14b739a3-59f2-4ce1-858f-728f751236ac} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/d20075d6-a48f-4bf7-9ed1-355d6c0081f3 227a4549-5bd8-40a7-8459-f370fa64270e 227a4549-5bd8-40a7-8459-f370fa64270e} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/8c3dc504-764b-4544-b1e8-58c60e0ba280 22da7ea6-036c-4e85-86d0-fab01f94aee2 22da7ea6-036c-4e85-86d0-fab01f94aee2} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/f0819b27-d015-4b9f-bbe8-80f0a02e738d 2a4415b1-c691-443f-9f58-0d3e0c67dc6a 2a4415b1-c691-443f-9f58-0d3e0c67dc6a} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/37e3b80d-9e88-405d-9381-8396897e7a8b 3e806c35-2315-4aba-b84c-fefe58af871a 3e806c35-2315-4aba-b84c-fefe58af871a} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/22840626-ed49-4fb5-907f-9a36262f3a3a 7279775f-9545-45da-89f7-4ced1c503d55 7279775f-9545-45da-89f7-4ced1c503d55} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/e9e93110-25fd-424b-baa6-27b5e76fe4d0 8b6cb7f3-ac57-402d-bf95-84bbbe92ce57 8b6cb7f3-ac57-402d-bf95-84bbbe92ce57} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/20923876-c8d1-412c-9386-5c614797d629 9249bfaa-a223-4ad4-ba94-24cec63874ed 9249bfaa-a223-4ad4-ba94-24cec63874ed} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/b94825f1-1587-4b77-847e-80454138b359 93956346-166b-4a89-8b03-57b09d81d9e3 93956346-166b-4a89-8b03-57b09d81d9e3} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/f32676e5-90f9-43ed-a54a-3e75caff078c 9c934e9f-70a1-4eba-a51d-ff0698285ed6 9c934e9f-70a1-4eba-a51d-ff0698285ed6} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/ed23037d-974b-4988-a102-5114f4825aa8 a1d130ca-12b7-4a2f-97f9-e26ef9a3ab5b a1d130ca-12b7-4a2f-97f9-e26ef9a3ab5b} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/5cde2ee3-5f31-463c-bdde-123f13e21061 e2e0cf95-19fd-486b-b764-2214d6caefc8 e2e0cf95-19fd-486b-b764-2214d6caefc8} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/6f1fdc5c-ab49-477c-8265-4c11e0a9bd04 f25fed59-e007-40f9-a31f-52a675dd2a8b f25fed59-e007-40f9-a31f-52a675dd2a8b} {build-e2e-kzwe/results/e9e93110-25fd-424b-baa6-27b5e76fe4d0/records/e3c2d0e9-09dd-4400-a4b3-9409b09fdd02 f7badb03-6b6f-4722-af1f-16592a3f7d36 f7badb03-6b6f-4722-af1f-16592a3f7d36}]} < Exit [It] should have Pipeline Records - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:498 @ 04/19/26 14:08:01.85 (79ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.85 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:01.85 (0s) > Enter [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:08:01.851 < Exit [It] should validate tekton taskrun test results for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:540 @ 04/19/26 14:08:02.026 (174ms) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:02.026 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:02.026 (0s) > Enter [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:08:02.027 < Exit [BeforeAll] when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:550 @ 04/19/26 14:08:02.05 (22ms) > Enter [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:08:02.05 [SKIPPED] Hermetic build is not enabled, skipping the test In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:663 @ 04/19/26 14:08:02.05 < Exit [It] should have Hermeto content in the SBOM in case the build was hermetic - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:661 @ 04/19/26 14:08:02.05 (0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:02.05 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:02.05 (0s) > Enter [It] pipelineRun should fail for symlink component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-fbve - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:816 @ 04/19/26 14:08:02.051 PipelineRun test-symlink-comp-fbve-on-pull-request-6s69w found for Component build-e2e-kzwe/test-symlink-comp-fbve PipelineRun test-symlink-comp-fbve-on-pull-request-6s69w reason: Failed attempt 1/1: PipelineRun "test-symlink-comp-fbve-on-pull-request-6s69w" failed: pod: test-symlink-comp-fbve-on-p8b9e81beb80dd51301f43e6e1df8a5c2-pod | init container: prepare 2026/04/19 13:53:13 Entrypoint initialization pod: test-symlink-comp-fbve-on-p8b9e81beb80dd51301f43e6e1df8a5c2-pod | init container: place-scripts 2026/04/19 13:53:14 Decoded script /tekton/scripts/script-0-tp7km 2026/04/19 13:53:14 Decoded script /tekton/scripts/script-1-cc5r4 pod: test-symlink-comp-fbve-on-p8b9e81beb80dd51301f43e6e1df8a5c2-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776606797.165688,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606797.3760977,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/devfile-sample-python-basic @ 02147b8f9bff5260b72c35a7fc394ff4e9499cfc (grafted, HEAD) in path /workspace/output/source"} {"level":"info","ts":1776606797.376155,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606797.4016745,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /workspace/output/source"} Merge option disabled. Using checked-out revision 02147b8f9bff5260b72c35a7fc394ff4e9499cfc directly. pod: test-symlink-comp-fbve-on-p8b9e81beb80dd51301f43e6e1df8a5c2-pod | container step-symlink-check: Running symlink check The cloned repository contains symlink pointing outside of the cloned repository: /workspace/output/source/os-release-symlink pod: test-symlink-comp-fbve-on-pull-request-6s69w-init-pod | init container: prepare 2026/04/19 13:53:05 Entrypoint initialization pod: test-symlink-comp-fbve-on-pull-request-6s69w-init-pod | container step-init: time="2026-04-19T13:53:08Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:53:08Z" level=info msg="[param] enable: false" time="2026-04-19T13:53:08Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:53:08Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:53:08Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:53:08Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:53:08Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:53:08Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:53:08Z" level=info msg="[result] NO PROXY: " < Exit [It] pipelineRun should fail for symlink component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-fbve - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:816 @ 04/19/26 14:08:02.642 (591ms) > Enter [AfterAll] HACBS pipelines - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:271 @ 04/19/26 14:08:02.642 < Exit [AfterAll] HACBS pipelines - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:271 @ 04/19/26 14:08:12.336 (9.693s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:12.336 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.Z3cR7n2baf/tests/build/build_templates.go:207 @ 04/19/26 14:08:12.336 (0s) > Enter [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:50:24.272 < Exit [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:50:35.859 (11.587s) > Enter [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:118 @ 04/19/26 13:50:35.859 Image repository for component gh-test-custom-default-yuxsbr in namespace build-e2e-jmdj do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-test-custom-default-yuxsbr in namespace build-e2e-jmdj do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-test-custom-default-yuxsbr in namespace build-e2e-jmdj do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:118 @ 04/19/26 13:51:15.927 (40.068s) > Enter [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:137 @ 04/19/26 13:51:15.927 < Exit [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:137 @ 04/19/26 13:51:46.95 (31.023s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.951 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.951 (0s) > Enter [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:154 @ 04/19/26 13:51:46.951 < Exit [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:154 @ 04/19/26 13:51:46.971 (19ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.971 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.971 (0s) > Enter [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:177 @ 04/19/26 13:51:46.971 < Exit [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:177 @ 04/19/26 13:51:46.99 (19ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.99 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.99 (0s) > Enter [It] build pipeline uses the correct serviceAccount - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:192 @ 04/19/26 13:51:46.991 < Exit [It] build pipeline uses the correct serviceAccount - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:192 @ 04/19/26 13:51:46.991 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.991 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:46.991 (0s) > Enter [It] component build status is set correctly - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:196 @ 04/19/26 13:51:46.991 build status annotation value: {"pac":{"state":"enabled","merge-url":"https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-lnkvwg/pull/1","configuration-time":"Sun, 19 Apr 2026 13:51:42 UTC"},"message":"done"} state: enabled mergeUrl: https://github.com/redhat-appstudio-qe/devfile-sample-hello-world-lnkvwg/pull/1 errId: 0 errMessage: configurationTime: Sun, 19 Apr 2026 13:51:42 UTC < Exit [It] component build status is set correctly - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:196 @ 04/19/26 13:51:47.009 (17ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:47.009 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:47.009 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:226 @ 04/19/26 13:51:47.01 < Exit [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:226 @ 04/19/26 13:51:47.975 (966ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:47.975 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:47.975 (0s) > Enter [It] created image repo is private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:244 @ 04/19/26 13:51:47.976 < Exit [It] created image repo is private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:244 @ 04/19/26 13:51:48.257 (281ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:48.257 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:48.257 (0s) > Enter [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:250 @ 04/19/26 13:51:48.258 < Exit [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:250 @ 04/19/26 13:51:59.29 (11.032s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:59.291 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:51:59.291 (0s) > Enter [It] PR branch should not exist in the repo - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:266 @ 04/19/26 13:51:59.291 < Exit [It] PR branch should not exist in the repo - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:266 @ 04/19/26 13:52:00.561 (1.27s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.561 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.561 (0s) > Enter [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:279 @ 04/19/26 13:52:00.562 < Exit [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:279 @ 04/19/26 13:52:11.857 (11.295s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:11.858 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:11.858 (0s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:307 @ 04/19/26 13:52:11.858 < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:307 @ 04/19/26 13:52:21.923 (10.065s) > Enter [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:333 @ 04/19/26 13:52:21.923 PipelineRun has not been created yet for the component build-e2e-jmdj/gh-test-custom-branch-qugrbg PipelineRun has not been created yet for the component build-e2e-jmdj/gh-test-custom-branch-qugrbg < Exit [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:333 @ 04/19/26 13:53:01.964 (40.041s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:01.964 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:01.964 (0s) > Enter [It] should lead to a PaC init PR creation - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:348 @ 04/19/26 13:53:01.965 < Exit [It] should lead to a PaC init PR creation - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:348 @ 04/19/26 13:53:02.181 (216ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:02.182 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:02.182 (0s) > Enter [It] the PipelineRun should eventually finish successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:366 @ 04/19/26 13:53:02.182 PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m found for Component build-e2e-jmdj/gh-test-custom-branch-qugrbg PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: ResolvingTaskRef PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-94n7m reason: Completed < Exit [It] the PipelineRun should eventually finish successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:366 @ 04/19/26 14:00:22.207 (7m20.025s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:22.207 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:22.207 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:372 @ 04/19/26 14:00:22.208 < Exit [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:372 @ 04/19/26 14:00:23.264 (1.056s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:23.264 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:23.264 (0s) > Enter [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:391 @ 04/19/26 14:00:23.265 < Exit [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:391 @ 04/19/26 14:00:23.942 (677ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:23.942 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:23.942 (0s) > Enter [It] created image repo is public - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:404 @ 04/19/26 14:00:23.943 < Exit [It] created image repo is public - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:404 @ 04/19/26 14:00:24.216 (273ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:24.216 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:24.216 (0s) > Enter [It] image tag is updated successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:410 @ 04/19/26 14:00:24.217 Image tag quay.io/redhat-appstudio-qe/build-e2e-jmdj/gh-test-custom-branch-qugrbg:on-pr-4fcddc0551f87f522f5bd920135dd7657fc56207 successfully found in Quay < Exit [It] image tag is updated successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:410 @ 04/19/26 14:00:24.658 (441ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:24.658 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:24.658 (0s) > Enter [It] should ensure pruning labels are set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:439 @ 04/19/26 14:00:24.659 < Exit [It] should ensure pruning labels are set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:439 @ 04/19/26 14:00:25.063 (404ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:25.063 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:25.063 (0s) > Enter [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:453 @ 04/19/26 14:00:25.064 < Exit [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:453 @ 04/19/26 14:00:25.398 (334ms) > Enter [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:325 @ 04/19/26 14:00:25.398 < Exit [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:325 @ 04/19/26 14:00:25.462 (64ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:25.463 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:25.463 (0s) > Enter [BeforeAll] when the PaC init branch is updated - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:468 @ 04/19/26 14:00:25.463 created file sha: 0b2a9f3a13f1b6978a4653f54806d2eacb71148e < Exit [BeforeAll] when the PaC init branch is updated - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:468 @ 04/19/26 14:00:25.997 (534ms) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:478 @ 04/19/26 14:00:25.997 PipelineRun has not been created yet for the component build-e2e-jmdj/gh-test-custom-branch-qugrbg < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:478 @ 04/19/26 14:00:46.026 (20.029s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:46.026 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:46.026 (0s) > Enter [It] should lead to a PaC init PR update - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:493 @ 04/19/26 14:00:46.027 < Exit [It] should lead to a PaC init PR update - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:493 @ 04/19/26 14:00:46.243 (216ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:46.243 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:46.243 (0s) > Enter [It] PipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:512 @ 04/19/26 14:00:46.244 PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl found for Component build-e2e-jmdj/gh-test-custom-branch-qugrbg PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-pull-request-qrjvl reason: Completed < Exit [It] PipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:512 @ 04/19/26 14:02:46.258 (2m0.014s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:02:46.258 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:02:46.258 (0s) > Enter [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:518 @ 04/19/26 14:02:46.259 < Exit [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:518 @ 04/19/26 14:02:46.65 (391ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:02:46.65 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:02:46.65 (0s) > Enter [BeforeAll] when the PaC init branch is merged - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:534 @ 04/19/26 14:02:46.651 merged result sha: 8bcc71e0c63b573e9371db848df6fcb6b33379b9 < Exit [BeforeAll] when the PaC init branch is merged - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:534 @ 04/19/26 14:02:48.233 (1.582s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:544 @ 04/19/26 14:02:48.233 PipelineRun has not been created yet for the component build-e2e-jmdj/gh-test-custom-branch-qugrbg < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:544 @ 04/19/26 14:03:08.428 (20.195s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:08.428 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:08.428 (0s) > Enter [It] pipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:560 @ 04/19/26 14:03:08.429 PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b found for Component build-e2e-jmdj/gh-test-custom-branch-qugrbg PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Running PipelineRun gh-test-custom-branch-qugrbg-on-push-smr7b reason: Completed < Exit [It] pipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:560 @ 04/19/26 14:06:08.441 (3m0.012s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:08.441 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:08.441 (0s) > Enter [It] does not have expiration set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:566 @ 04/19/26 14:06:08.442 < Exit [It] does not have expiration set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:566 @ 04/19/26 14:06:08.8 (358ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:08.8 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:08.8 (0s) > Enter [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:578 @ 04/19/26 14:06:08.801 waiting for one minute and expecting to not trigger a PipelineRun < Exit [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:578 @ 04/19/26 14:08:10.596 (2m1.795s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:10.596 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:10.596 (0s) > Enter [It] image repo is updated to private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:609 @ 04/19/26 14:08:10.597 < Exit [It] image repo is updated to private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:609 @ 04/19/26 14:08:10.988 (391ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:10.988 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:10.988 (0s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:664 @ 04/19/26 14:08:10.989 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:664 @ 04/19/26 14:08:20.871 (9.882s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:693 @ 04/19/26 14:08:20.871 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:693 @ 04/19/26 14:08:30.9 (10.029s) > Enter [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:729 @ 04/19/26 14:08:30.9 < Exit [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:729 @ 04/19/26 14:08:40.901 (10s) > Enter [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:711 @ 04/19/26 14:08:40.901 Found purge PR with id: 3 < Exit [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:711 @ 04/19/26 14:08:41.066 (165ms) > Enter [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 14:08:41.066 < Exit [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 14:08:43.63 (2.564s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:43.63 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:43.63 (0s) > Enter [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:50:24.275 < Exit [BeforeAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:55 @ 04/19/26 13:50:44.774 (20.498s) > Enter [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:118 @ 04/19/26 13:50:44.774 Image repository for component gl-test-custom-default-ilskqg in namespace build-e2e-twtw do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-test-custom-default-ilskqg in namespace build-e2e-twtw do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-test-custom-default-ilskqg in namespace build-e2e-twtw do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-test-custom-default-ilskqg in namespace build-e2e-twtw do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:118 @ 04/19/26 13:51:34.834 (50.06s) > Enter [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:137 @ 04/19/26 13:51:34.834 < Exit [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:137 @ 04/19/26 13:52:00.784 (25.95s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.784 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.784 (0s) > Enter [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:154 @ 04/19/26 13:52:00.785 < Exit [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:154 @ 04/19/26 13:52:00.814 (30ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.815 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:00.815 (0s) > Enter [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:177 @ 04/19/26 13:52:00.815 < Exit [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:177 @ 04/19/26 13:52:20.881 (20.066s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.881 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.881 (0s) > Enter [It] build pipeline uses the correct serviceAccount - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:192 @ 04/19/26 13:52:20.881 < Exit [It] build pipeline uses the correct serviceAccount - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:192 @ 04/19/26 13:52:20.881 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.882 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.882 (0s) > Enter [It] component build status is set correctly - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:196 @ 04/19/26 13:52:20.883 build status annotation value: {"pac":{"state":"enabled","merge-url":"https://gitlab.com/konflux-qe/devfile-sample-hello-world-xaesnp/-/merge_requests/1","configuration-time":"Sun, 19 Apr 2026 13:51:56 UTC"},"message":"done"} state: enabled mergeUrl: https://gitlab.com/konflux-qe/devfile-sample-hello-world-xaesnp/-/merge_requests/1 errId: 0 errMessage: configurationTime: Sun, 19 Apr 2026 13:51:56 UTC < Exit [It] component build status is set correctly - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:196 @ 04/19/26 13:52:20.907 (24ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.907 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:20.907 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:226 @ 04/19/26 13:52:20.908 < Exit [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:226 @ 04/19/26 13:52:21.897 (989ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:21.897 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:21.897 (0s) > Enter [It] created image repo is private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:244 @ 04/19/26 13:52:21.898 < Exit [It] created image repo is private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:244 @ 04/19/26 13:52:22.187 (289ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:22.187 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:52:22.187 (0s) > Enter [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:250 @ 04/19/26 13:52:22.188 < Exit [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:250 @ 04/19/26 13:53:24.408 (1m2.221s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:24.409 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:24.409 (0s) > Enter [It] PR branch should not exist in the repo - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:266 @ 04/19/26 13:53:24.409 < Exit [It] PR branch should not exist in the repo - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:266 @ 04/19/26 13:53:24.533 (124ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:24.533 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:24.533 (0s) > Enter [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:279 @ 04/19/26 13:53:24.534 < Exit [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:279 @ 04/19/26 13:53:25.463 (928ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:25.463 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:25.463 (0s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:307 @ 04/19/26 13:53:25.464 < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:307 @ 04/19/26 13:53:35.496 (10.032s) > Enter [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:333 @ 04/19/26 13:53:35.496 PipelineRun has not been created yet for the component build-e2e-twtw/gl-test-custom-branch-vujjft < Exit [It] triggers a PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:333 @ 04/19/26 13:53:55.522 (20.026s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:55.523 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:55.523 (0s) > Enter [It] should lead to a PaC init PR creation - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:348 @ 04/19/26 13:53:55.523 < Exit [It] should lead to a PaC init PR creation - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:348 @ 04/19/26 13:53:55.731 (208ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:55.732 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 13:53:55.732 (0s) > Enter [It] the PipelineRun should eventually finish successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:366 @ 04/19/26 13:53:55.732 PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw found for Component build-e2e-twtw/gl-test-custom-branch-vujjft PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-sf7sw reason: Completed < Exit [It] the PipelineRun should eventually finish successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:366 @ 04/19/26 14:00:35.746 (6m40.013s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:35.746 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:35.746 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:372 @ 04/19/26 14:00:35.746 < Exit [It] image repo and robot account created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:372 @ 04/19/26 14:00:36.621 (875ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:36.622 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:36.622 (0s) > Enter [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:391 @ 04/19/26 14:00:36.622 < Exit [It] floating tags are created successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:391 @ 04/19/26 14:00:37.434 (812ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:37.434 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:37.434 (0s) > Enter [It] created image repo is public - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:404 @ 04/19/26 14:00:37.435 < Exit [It] created image repo is public - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:404 @ 04/19/26 14:00:38.196 (761ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.196 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.196 (0s) > Enter [It] image tag is updated successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:410 @ 04/19/26 14:00:38.197 Image tag quay.io/redhat-appstudio-qe/build-e2e-twtw/gl-test-custom-branch-vujjft:on-pr-9efa61acdb1ca3872496f5c7a3df6ab4031b3b68 successfully found in Quay < Exit [It] image tag is updated successfully - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:410 @ 04/19/26 14:00:38.554 (356ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.554 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.554 (0s) > Enter [It] should ensure pruning labels are set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:439 @ 04/19/26 14:00:38.555 < Exit [It] should ensure pruning labels are set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:439 @ 04/19/26 14:00:38.96 (405ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.96 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:38.96 (0s) > Enter [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:453 @ 04/19/26 14:00:38.961 < Exit [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:453 @ 04/19/26 14:00:39.341 (380ms) > Enter [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:325 @ 04/19/26 14:00:39.341 < Exit [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:325 @ 04/19/26 14:00:39.457 (116ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:39.457 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:00:39.457 (0s) > Enter [BeforeAll] when the PaC init branch is updated - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:468 @ 04/19/26 14:00:39.458 created file sha: 8642edee4050f971b378a8236e0ca984561ae751 < Exit [BeforeAll] when the PaC init branch is updated - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:468 @ 04/19/26 14:00:40.269 (811ms) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:478 @ 04/19/26 14:00:40.269 PipelineRun has not been created yet for the component build-e2e-twtw/gl-test-custom-branch-vujjft < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:478 @ 04/19/26 14:01:00.31 (20.041s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:01:00.31 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:01:00.311 (0s) > Enter [It] should lead to a PaC init PR update - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:493 @ 04/19/26 14:01:00.311 < Exit [It] should lead to a PaC init PR update - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:493 @ 04/19/26 14:01:00.538 (227ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:01:00.538 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:01:00.538 (0s) > Enter [It] PipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:512 @ 04/19/26 14:01:00.539 PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 found for Component build-e2e-twtw/gl-test-custom-branch-vujjft PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Running PipelineRun gl-test-custom-branch-vujjft-on-pull-request-5p8t7 reason: Completed < Exit [It] PipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:512 @ 04/19/26 14:03:20.563 (2m20.024s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:20.563 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:20.563 (0s) > Enter [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:518 @ 04/19/26 14:03:20.564 < Exit [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:518 @ 04/19/26 14:03:20.977 (413ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:20.977 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:20.977 (0s) > Enter [BeforeAll] when the PaC init branch is merged - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:534 @ 04/19/26 14:03:20.978 merged result sha: 252c59d37b1891b03b833a4dbc4ca4675cea9279 < Exit [BeforeAll] when the PaC init branch is merged - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:534 @ 04/19/26 14:03:22.306 (1.328s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:544 @ 04/19/26 14:03:22.306 PipelineRun has not been created yet for the component build-e2e-twtw/gl-test-custom-branch-vujjft < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:544 @ 04/19/26 14:03:42.331 (20.025s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:42.331 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:03:42.331 (0s) > Enter [It] pipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:560 @ 04/19/26 14:03:42.332 PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx found for Component build-e2e-twtw/gl-test-custom-branch-vujjft PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Running PipelineRun gl-test-custom-branch-vujjft-on-push-gdbnx reason: Completed < Exit [It] pipelineRun should eventually finish - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:560 @ 04/19/26 14:06:42.345 (3m0.013s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:42.346 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:42.346 (0s) > Enter [It] does not have expiration set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:566 @ 04/19/26 14:06:42.346 < Exit [It] does not have expiration set - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:566 @ 04/19/26 14:06:42.661 (314ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:42.661 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:06:42.661 (0s) > Enter [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:578 @ 04/19/26 14:06:42.661 waiting for one minute and expecting to not trigger a PipelineRun < Exit [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:578 @ 04/19/26 14:08:44.401 (2m1.739s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:44.401 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:44.401 (0s) > Enter [It] image repo is updated to private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:609 @ 04/19/26 14:08:44.402 < Exit [It] image repo is updated to private - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:609 @ 04/19/26 14:08:44.73 (329ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:44.73 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:08:44.731 (0s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:664 @ 04/19/26 14:08:44.731 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:664 @ 04/19/26 14:08:47.953 (3.222s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:693 @ 04/19/26 14:08:47.953 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:693 @ 04/19/26 14:08:47.995 (42ms) > Enter [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:729 @ 04/19/26 14:08:47.996 < Exit [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:729 @ 04/19/26 14:08:57.996 (10.001s) > Enter [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:711 @ 04/19/26 14:08:57.997 Found purge PR with id: 3 < Exit [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:711 @ 04/19/26 14:08:58.21 (213ms) > Enter [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 14:08:58.21 < Exit [AfterAll] PaC component build - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:102 @ 04/19/26 14:09:01.292 (3.082s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:09:01.293 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/pac_build.go:29 @ 04/19/26 14:09:01.293 (0s) > Enter [BeforeAll] Maven project - Default build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:84 @ 04/19/26 13:50:24.073 "level"=0 "msg"="Konflux demo BeforeAll: initializing framework for appappMaven project - Default build" "level"=0 "msg"="Konflux demo BeforeAll: namespacesuserNamespacekonflux-kowkmanagedNamespacekonflux-kowk-managed" "level"=0 "msg"="Konflux demo BeforeAll: component configcomponentNamekonflux-demo-component-kcalpacBranchNamekonflux-konflux-demo-component-kcalcomponentRepositoryNamehacbs-test-project-konflux-demo" "level"=0 "msg"="Konflux demo BeforeAll: creating release configmanagedNamespacekonflux-kowk-manageduserNamespacekonflux-kowk" "level"=0 "msg"="Konflux demo createReleaseConfig: creating managed namespacemanagedNamespacekonflux-kowk-managed" "level"=0 "msg"="Konflux demo createReleaseConfig: creating release-service-accountmanagedNamespacekonflux-kowk-managed" "level"=0 "msg"="Konflux demo createReleaseConfig: finishedmanagedNamespacekonflux-kowk-manageduserNamespacekonflux-kowk" "level"=0 "msg"="Konflux demo BeforeAll: created and linked release-catalog-trusted-artifacts-quay-secretmanagedNamespacekonflux-kowk-managed" created and linked release-catalog-trusted-artifacts-quay-secret in namespace "konflux-kowk-managed" "level"=0 "msg"="Konflux demo BeforeAll: setup completeappMaven project - Default buildcomponentNamekonflux-demo-component-kcal" < Exit [BeforeAll] Maven project - Default build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:84 @ 04/19/26 13:51:05.843 (41.77s) > Enter [It] creates an application - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:189 @ 04/19/26 13:51:05.843 "level"=0 "msg"="Konflux demo: creating applicationapplicationNamekonflux-demo-appnamespacekonflux-kowk" "level"=0 "msg"="Konflux demo: application createdapplicationNamekonflux-demo-app" < Exit [It] creates an application - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:189 @ 04/19/26 13:51:05.994 (151ms) > Enter [It] creates an IntegrationTestScenario for the app - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:202 @ 04/19/26 13:51:05.995 "level"=0 "msg"="Konflux demo: creating IntegrationTestScenarioapplicationNamekonflux-demo-appnamespacekonflux-kowk" "level"=0 "msg"="Konflux demo: IntegrationTestScenario createdscenariomy-integration-test-siac" < Exit [It] creates an IntegrationTestScenario for the app - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:202 @ 04/19/26 13:51:06.053 (58ms) > Enter [It] creates new branch for the build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:218 @ 04/19/26 13:51:06.053 "level"=0 "msg"="Konflux demo: creating branch for buildrepohacbs-test-project-konflux-demobranchbase-pjqtugfrommain" < Exit [It] creates new branch for the build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:218 @ 04/19/26 13:51:06.705 (651ms) > Enter [It] creates component konflux-demo-component (private: false) from git source https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:233 @ 04/19/26 13:51:06.705 "level"=0 "msg"="Konflux demo: creating componentcomponentNamekonflux-demo-component-kcalapplicationNamekonflux-demo-appnamespacekonflux-kowkrevisionbase-pjqtug" Image repository for component konflux-demo-component-kcal in namespace konflux-kowk do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component konflux-demo-component-kcal in namespace konflux-kowk do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component konflux-demo-component-kcal in namespace konflux-kowk do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. "level"=0 "msg"="Konflux demo: component createdcomponentNamekonflux-demo-component-kcal" < Exit [It] creates component konflux-demo-component (private: false) from git source https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:233 @ 04/19/26 13:51:46.849 (40.143s) > Enter [It] triggers creation of a PR in the sample repo - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:259 @ 04/19/26 13:51:46.849 "level"=0 "msg"="Konflux demo: waiting for PaC PRrepohacbs-test-project-konflux-demopacBranchNamekonflux-konflux-demo-component-kcal" "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-kcal (found 5 PRs)" "error"=null "level"=0 "msg"="Konflux demo: PaC PR createdprNumber29046prSHAa8a0b5d1ad5bfa1357a0e768f5f9a9d784d72e36" "level"=0 "msg"="Konflux demo: waiting for pull-request PipelineRun to appear (will delete it)componentkonflux-demo-component-kcalprSHAa8a0b5d1ad5bfa1357a0e768f5f9a9d784d72e36" PipelineRun not found yet for component konflux-kowk/konflux-demo-component-kcal prSHA a8a0b5d1ad5bfa1357a0e768f5f9a9d784d72e36: no pipelinerun found for component konflux-demo-component-kcal < Exit [It] triggers creation of a PR in the sample repo - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:259 @ 04/19/26 13:52:33.772 (46.923s) > Enter [It] verifies component build status - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:297 @ 04/19/26 13:52:33.773 "level"=0 "msg"="Konflux demo: verifying component build status (PaC enabled)componentkonflux-demo-component-kcalnamespacekonflux-kowk" state: enabled mergeUrl: https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo/pull/29046 errId: 0 errMessage: configurationTime: Sun, 19 Apr 2026 13:52:13 UTC < Exit [It] verifies component build status - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:297 @ 04/19/26 13:52:33.787 (14ms) > Enter [It] should eventually lead to triggering a 'push' event type PipelineRun after merging the PaC init branch - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:335 @ 04/19/26 13:52:33.787 "level"=0 "msg"="Konflux demo: merging PaC PRrepohacbs-test-project-konflux-demoprNumber29046" "level"=0 "msg"="Konflux demo: PaC PR mergedheadSHA1dc6580ea2177581106ef7a7bc3a5373b5412958" "level"=0 "msg"="Konflux demo: waiting for push PipelineRun to startcomponentkonflux-demo-component-kcalheadSHA1dc6580ea2177581106ef7a7bc3a5373b5412958" PipelineRun has not been created yet for component konflux-kowk/konflux-demo-component-kcal "msg"="Konflux demo: GetComponentPipelineRun failed: no pipelinerun found for component konflux-demo-component-kcal" "error"=null "level"=0 "msg"="Konflux demo: push PipelineRun startedpipelineRunkonflux-demo-component-kcal-on-push-f7qsx" < Exit [It] should eventually lead to triggering a 'push' event type PipelineRun after merging the PaC init branch - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:335 @ 04/19/26 13:52:55.275 (21.488s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:369 @ 04/19/26 13:52:55.276 "level"=0 "msg"="Konflux demo: checking build PipelineRun has no snapshot annotationpipelineRunkonflux-demo-component-kcal-on-push-f7qsx" < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:369 @ 04/19/26 13:52:55.276 (0s) > Enter [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:373 @ 04/19/26 13:52:55.276 "level"=0 "msg"="Konflux demo: waiting for build PipelineRun to finishpipelineRunkonflux-demo-component-kcal-on-push-f7qsxcomponentkonflux-demo-component-kcalheadSHA1dc6580ea2177581106ef7a7bc3a5373b5412958" PipelineRun konflux-demo-component-kcal-on-push-f7qsx found for Component konflux-kowk/konflux-demo-component-kcal PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: ResolvingTaskRef PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Running PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: PipelineRunStopping PipelineRun konflux-demo-component-kcal-on-push-f7qsx reason: Failed attempt 1/6: PipelineRun "konflux-demo-component-kcal-on-push-f7qsx" failed: pod: konflux-demo-component-kcal-on-push-f7qsx-apply-tags-pod | init container: prepare 2026/04/19 13:56:53 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-apply-tags-pod | container step-apply-additional-tags: time="2026-04-19T13:57:10Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958" time="2026-04-19T13:57:10Z" level=info msg="[param] digest: sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625" time="2026-04-19T13:57:10Z" level=info msg="[param] tags-from-image-label: konflux.additional-tags" time="2026-04-19T13:57:11Z" level=warning msg="No tags given in 'konflux.additional-tags' image label" {"tags":[]} pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | init container: prepare 2026/04/19 13:53:54 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | init container: place-scripts 2026/04/19 13:53:56 Decoded script /tekton/scripts/script-1-z5chm 2026/04/19 13:53:56 Decoded script /tekton/scripts/script-2-fk66c 2026/04/19 13:53:56 Decoded script /tekton/scripts/script-3-vbzzl 2026/04/19 13:53:56 Decoded script /tekton/scripts/script-4-hv7gt 2026/04/19 13:53:56 Decoded script /tekton/scripts/script-5-xw5wz pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras blob fetch --registry-config /tmp/use-oci.sh.i7RPEF/auth-kLjzRN.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d --output - Restored artifact quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-build: [2026-04-19T13:54:00,260353377+00:00] Validate context path [2026-04-19T13:54:00,263612242+00:00] Update CA trust [2026-04-19T13:54:00,264722337+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:54:02,444978002+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2026-04-19T13:54:02,451134842+00:00] Prepare system (architecture: x86_64) [2026-04-19T13:54:02,488751979+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi8/openjdk-17-runtime:1.23... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2 Copying blob sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd Copying config sha256:8a8c1b6debe1eb9195d5603daa93e6e901389eee8e9810ff64be52217f60741d Writing manifest to image destination Storing signatures [2026-04-19T13:54:20,175615878+00:00] Unsetting proxy { "architecture": "x86_64", "build-date": "2026-04-19T13:54:02Z", "com.redhat.component": "openjdk-17-runtime-ubi8-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream", "description": "Image for Red Hat OpenShift providing OpenJDK 17 runtime", "distribution-scope": "public", "io.buildah.version": "1.42.2", "io.cekit.version": "4.13.0.dev0", "io.k8s.description": "Platform for running plain Java applications (fat-jar and flat classpath)", "io.k8s.display-name": "Java Applications", "io.openshift.expose-services": "", "io.openshift.tags": "java", "maintainer": "Red Hat OpenJDK <openjdk@redhat.com>", "name": "ubi8/openjdk-17-runtime", "org.jboss.product": "openjdk", "org.jboss.product.openjdk.version": "17", "org.jboss.product.version": "17", "org.opencontainers.image.created": "2026-04-19T13:54:02Z", "org.opencontainers.image.documentation": "https://rh-openjdk.github.io/redhat-openjdk-containers/", "org.opencontainers.image.revision": "1dc6580ea2177581106ef7a7bc3a5373b5412958", "release": "4.1776047406", "summary": "Image for Red Hat OpenShift providing OpenJDK 17 runtime", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/openjdk-17-runtime/images/1.23-4.1776047406", "usage": "https://rh-openjdk.github.io/redhat-openjdk-containers/", "vcs-ref": "1dc6580ea2177581106ef7a7bc3a5373b5412958", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.23", "org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo" } [2026-04-19T13:54:20,221223493+00:00] Register sub-man Adding the entitlement to the build [2026-04-19T13:54:20,224989002+00:00] Add secrets [2026-04-19T13:54:20,233100623+00:00] Run buildah build [2026-04-19T13:54:20,234212600+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=1dc6580ea2177581106ef7a7bc3a5373b5412958 --label org.opencontainers.image.revision=1dc6580ea2177581106ef7a7bc3a5373b5412958 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo --label build-date=2026-04-19T13:54:02Z --label org.opencontainers.image.created=2026-04-19T13:54:02Z --annotation org.opencontainers.image.revision=1dc6580ea2177581106ef7a7bc3a5373b5412958 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo --annotation org.opencontainers.image.created=2026-04-19T13:54:02Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.hzEAGS -t quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 . [1/2] STEP 1/5: FROM registry.access.redhat.com/ubi8/openjdk-17:1.23 AS builder Trying to pull registry.access.redhat.com/ubi8/openjdk-17:1.23... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:09f98c686de63ba39fe1c2d25eb997bde1a5ca76087c84a0a3cdb06407b7080a Copying blob sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd Copying config sha256:df97c90ad4902ce9834b0cd6e917acfb716f59ed6d04279198ddbf6de2d79960 Writing manifest to image destination Storing signatures [1/2] STEP 2/5: WORKDIR /work [1/2] STEP 3/5: COPY . . [1/2] STEP 4/5: USER 0 [1/2] STEP 5/5: RUN mvn clean package -DskipTests -DskipDocsGen [INFO] Scanning for projects... [INFO] [INFO] ------------------< org.example:simple-java-project >------------------- [INFO] Building simple-java-project 1.0-SNAPSHOT [INFO] --------------------------------[ jar ]--------------------------------- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.pom (11 kB at 46 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/34/maven-plugins-34.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/34/maven-plugins-34.pom (11 kB at 289 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/34/maven-parent-34.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/34/maven-parent-34.pom (43 kB at 840 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/23/apache-23.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 18 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/23/apache-23.pom (18 kB at 485 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.jar Progress (1): 2.3/134 kB Progress (1): 5.0/134 kB Progress (1): 7.7/134 kB Progress (1): 10/134 kB Progress (1): 13/134 kB Progress (1): 16/134 kB Progress (1): 19/134 kB Progress (1): 21/134 kB Progress (1): 24/134 kB Progress (1): 28/134 kB Progress (1): 32/134 kB Progress (1): 36/134 kB Progress (1): 40/134 kB Progress (1): 45/134 kB Progress (1): 49/134 kB Progress (1): 53/134 kB Progress (1): 57/134 kB Progress (1): 61/134 kB Progress (1): 65/134 kB Progress (1): 69/134 kB Progress (1): 73/134 kB Progress (1): 77/134 kB Progress (1): 81/134 kB Progress (1): 86/134 kB Progress (1): 90/134 kB Progress (1): 92/134 kB Progress (1): 96/134 kB Progress (1): 100/134 kB Progress (1): 104/134 kB Progress (1): 108/134 kB Progress (1): 112/134 kB Progress (1): 116/134 kB Progress (1): 120/134 kB Progress (1): 125/134 kB Progress (1): 129/134 kB Progress (1): 133/134 kB Progress (1): 134 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.jar (134 kB at 2.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom (3.9 kB at 78 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/22/maven-plugins-22.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/22/maven-plugins-22.pom (13 kB at 261 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/21/maven-parent-21.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 26 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/21/maven-parent-21.pom (26 kB at 694 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/10/apache-10.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/10/apache-10.pom (15 kB at 352 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.jar Progress (1): 4.1/25 kB Progress (1): 7.7/25 kB Progress (1): 12/25 kB Progress (1): 16/25 kB Progress (1): 20/25 kB Progress (1): 24/25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.jar (25 kB at 601 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.pom Progress (1): 4.1 kB Progress (1): 8.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.pom (8.1 kB at 208 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/23/maven-plugins-23.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 9.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/23/maven-plugins-23.pom (9.2 kB at 219 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/22/maven-parent-22.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/22/maven-parent-22.pom (30 kB at 633 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/11/apache-11.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/11/apache-11.pom (15 kB at 361 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.jar Progress (1): 4.1/30 kB Progress (1): 7.7/30 kB Progress (1): 12/30 kB Progress (1): 16/30 kB Progress (1): 20/30 kB Progress (1): 24/30 kB Progress (1): 28/30 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.jar (30 kB at 777 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.pom (10 kB at 237 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/24/maven-plugins-24.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/24/maven-plugins-24.pom (11 kB at 216 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/23/maven-parent-23.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/23/maven-parent-23.pom (33 kB at 665 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/13/apache-13.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/13/apache-13.pom (14 kB at 304 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.jar Progress (1): 4.1/43 kB Progress (1): 7.5/43 kB Progress (1): 12/43 kB Progress (1): 16/43 kB Progress (1): 20/43 kB Progress (1): 24/43 kB Progress (1): 28/43 kB Progress (1): 32/43 kB Progress (1): 36/43 kB Progress (1): 40/43 kB Progress (1): 43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.jar (43 kB at 934 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.pom (10 kB at 233 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire/2.12.4/surefire-2.12.4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire/2.12.4/surefire-2.12.4.pom (14 kB at 373 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.jar Progress (1): 4.1/30 kB Progress (1): 7.7/30 kB Progress (1): 12/30 kB Progress (1): 16/30 kB Progress (1): 20/30 kB Progress (1): 24/30 kB Progress (1): 28/30 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.jar (30 kB at 708 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.pom Progress (1): 4.1 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.pom (6.8 kB at 144 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/37/maven-plugins-37.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 9.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/37/maven-plugins-37.pom (9.9 kB at 225 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/37/maven-parent-37.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 45 kB Progress (1): 46 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/37/maven-parent-37.pom (46 kB at 1.3 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/27/apache-27.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/27/apache-27.pom (20 kB at 566 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.jar Progress (1): 4.1/27 kB Progress (1): 7.7/27 kB Progress (1): 12/27 kB Progress (1): 16/27 kB Progress (1): 20/27 kB Progress (1): 24/27 kB Progress (1): 27 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.jar (27 kB at 547 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.pom (3.6 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.pom Progress (1): 4.1 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.pom (5.0 kB at 104 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.pom (3.6 kB at 84 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.pom (1.8 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.jar Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.jar (3.6 kB at 61 kB/s) Progress (1): 2.3/7.1 kB Progress (1): 5.0/7.1 kB Progress (1): 7.1 kB Progress (2): 7.1 kB | 2.3/3.6 kB Progress (2): 7.1 kB | 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.jar (7.1 kB at 82 kB/s) Progress (2): 3.6 kB | 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.jar (3.6 kB at 44 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.jar (2.0 kB at 19 kB/s) [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom (1.5 kB at 25 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.6/maven-2.0.6.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 9.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.6/maven-2.0.6.pom (9.0 kB at 164 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom (15 kB at 195 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom Progress (1): 3.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom (3.4 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom Progress (1): 4.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom (4.1 kB at 66 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/16/spice-parent-16.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/16/spice-parent-16.pom (8.4 kB at 144 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/5/forge-parent-5.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/5/forge-parent-5.pom (8.4 kB at 155 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar Progress (1): 2.3/13 kB Progress (1): 5.0/13 kB Progress (1): 7.7/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Progress (2): 13 kB | 2.3/226 kB Progress (2): 13 kB | 5.0/226 kB Progress (2): 13 kB | 7.7/226 kB Progress (2): 13 kB | 10/226 kB Progress (2): 13 kB | 13/226 kB Progress (2): 13 kB | 16/226 kB Progress (2): 13 kB | 19/226 kB Progress (2): 13 kB | 21/226 kB Progress (2): 13 kB | 24/226 kB Progress (2): 13 kB | 27/226 kB Progress (2): 13 kB | 30/226 kB Progress (2): 13 kB | 32/226 kB Progress (2): 13 kB | 35/226 kB Progress (2): 13 kB | 38/226 kB Progress (2): 13 kB | 41/226 kB Progress (2): 13 kB | 43/226 kB Progress (2): 13 kB | 46/226 kB Progress (2): 13 kB | 49/226 kB Progress (2): 13 kB | 53/226 kB Progress (2): 13 kB | 57/226 kB Progress (2): 13 kB | 61/226 kB Progress (2): 13 kB | 65/226 kB Progress (2): 13 kB | 69/226 kB Progress (2): 13 kB | 73/226 kB Progress (2): 13 kB | 76/226 kB Progress (2): 13 kB | 80/226 kB Progress (2): 13 kB | 84/226 kB Progress (2): 13 kB | 88/226 kB Progress (2): 13 kB | 92/226 kB Progress (2): 13 kB | 96/226 kB Progress (2): 13 kB | 100/226 kB Progress (2): 13 kB | 104/226 kB Progress (2): 13 kB | 108/226 kB Progress (2): 13 kB | 112/226 kB Progress (2): 13 kB | 117/226 kB Progress (2): 13 kB | 121/226 kB Progress (2): 13 kB | 125/226 kB Progress (2): 13 kB | 129/226 kB Progress (2): 13 kB | 133/226 kB Progress (2): 13 kB | 137/226 kB Progress (2): 13 kB | 141/226 kB Progress (2): 13 kB | 143/226 kB Progress (2): 13 kB | 147/226 kB Progress (2): 13 kB | 151/226 kB Progress (2): 13 kB | 156/226 kB Progress (2): 13 kB | 160/226 kB Progress (2): 13 kB | 164/226 kB Progress (2): 13 kB | 168/226 kB Progress (2): 13 kB | 172/226 kB Progress (2): 13 kB | 176/226 kB Progress (2): 13 kB | 180/226 kB Progress (2): 13 kB | 184/226 kB Progress (2): 13 kB | 188/226 kB Progress (2): 13 kB | 192/226 kB Progress (2): 13 kB | 196/226 kB Progress (2): 13 kB | 201/226 kB Progress (2): 13 kB | 205/226 kB Progress (2): 13 kB | 209/226 kB Progress (2): 13 kB | 211/226 kB Progress (2): 13 kB | 215/226 kB Progress (2): 13 kB | 219/226 kB Progress (2): 13 kB | 223/226 kB Progress (2): 13 kB | 226 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.jar (13 kB at 218 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar (226 kB at 3.2 MB/s) [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.pom (2.6 kB at 53 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.pom (2.0 kB at 44 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.pom (3.0 kB at 63 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.1/plexus-utils-1.4.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.1/plexus-utils-1.4.1.pom (1.9 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.11/plexus-1.0.11.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 9.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.11/plexus-1.0.11.pom (9.0 kB at 183 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.pom (3.9 kB at 73 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.0.3/plexus-containers-1.0.3.pom Progress (1): 492 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.0.3/plexus-containers-1.0.3.pom (492 B at 7.5 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.4/plexus-1.0.4.pom Progress (1): 4.1 kB Progress (1): 5.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.4/plexus-1.0.4.pom (5.7 kB at 96 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.pom Progress (1): 998 B Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.pom (998 B at 18 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.pom Progress (1): 4.1 kB Progress (1): 6.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.pom (6.9 kB at 140 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1-alpha-2/classworlds-1.1-alpha-2.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1-alpha-2/classworlds-1.1-alpha-2.pom (3.1 kB at 54 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.pom (2.0 kB at 37 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.pom (2.6 kB at 56 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.pom (1.9 kB at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.pom (1.6 kB at 36 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.pom (1.9 kB at 42 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.pom Progress (1): 4.1 kB Progress (1): 6.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.pom (6.7 kB at 137 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.pom (1.9 kB at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.pom (1.8 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.6/maven-reporting-2.0.6.pom Progress (1): 1.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.6/maven-reporting-2.0.6.pom (1.4 kB at 32 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.pom Progress (1): 424 B Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.pom (424 B at 8.8 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom (3.9 kB at 82 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom (1.7 kB at 24 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom (2.1 kB at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.pom (2.0 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.pom Progress (1): 4.1 kB Progress (1): 7.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.pom (7.1 kB at 142 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.pom (1.3 kB at 27 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.pom (3.3 kB at 83 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.pom (3.3 kB at 78 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.6/plexus-2.0.6.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.6/plexus-2.0.6.pom (17 kB at 279 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.pom Progress (1): 4.1 kB Progress (1): 5.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.pom (5.8 kB at 116 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/17/maven-shared-components-17.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 8.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/17/maven-shared-components-17.pom (8.7 kB at 185 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.pom Progress (1): 4.1 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.pom (6.8 kB at 143 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.2/plexus-2.0.2.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.2/plexus-2.0.2.pom (12 kB at 258 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.12/plexus-interpolation-1.12.pom Progress (1): 889 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.12/plexus-interpolation-1.12.pom (889 B at 19 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.14/plexus-components-1.1.14.pom Progress (1): 4.1 kB Progress (1): 5.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.14/plexus-components-1.1.14.pom (5.8 kB at 112 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.pom Progress (1): 2.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.pom (2.9 kB at 54 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/10/spice-parent-10.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/10/spice-parent-10.pom (3.0 kB at 55 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/3/forge-parent-3.pom Progress (1): 4.1 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/3/forge-parent-3.pom (5.0 kB at 101 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.pom Progress (1): 4.1 kB Progress (1): 8.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.pom (8.1 kB at 192 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.pom Progress (1): 890 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.pom (890 B at 21 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.15/plexus-components-1.1.15.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.15/plexus-components-1.1.15.pom (2.8 kB at 62 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.3/plexus-2.0.3.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.3/plexus-2.0.3.pom (15 kB at 377 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.jar Progress (1): 2.3/29 kB Progress (1): 5.0/29 kB Progress (1): 7.7/29 kB Progress (2): 7.7/29 kB | 4.1/116 kB Progress (2): 7.7/29 kB | 7.7/116 kB Progress (2): 7.7/29 kB | 12/116 kB Progress (2): 10/29 kB | 12/116 kB Progress (2): 10/29 kB | 16/116 kB Progress (2): 14/29 kB | 16/116 kB Progress (2): 14/29 kB | 20/116 kB Progress (2): 16/29 kB | 20/116 kB Progress (2): 16/29 kB | 24/116 kB Progress (2): 16/29 kB | 28/116 kB Progress (2): 19/29 kB | 28/116 kB Progress (2): 22/29 kB | 28/116 kB Progress (2): 25/29 kB | 28/116 kB Progress (2): 25/29 kB | 32/116 kB Progress (2): 27/29 kB | 32/116 kB Progress (2): 27/29 kB | 36/116 kB Progress (2): 29 kB | 36/116 kB Progress (2): 29 kB | 40/116 kB Progress (2): 29 kB | 45/116 kB Progress (2): 29 kB | 49/116 kB Progress (2): 29 kB | 53/116 kB Progress (2): 29 kB | 57/116 kB Progress (2): 29 kB | 61/116 kB Progress (2): 29 kB | 65/116 kB Progress (2): 29 kB | 69/116 kB Progress (2): 29 kB | 73/116 kB Progress (2): 29 kB | 77/116 kB Progress (2): 29 kB | 81/116 kB Progress (2): 29 kB | 86/116 kB Progress (2): 29 kB | 90/116 kB Progress (2): 29 kB | 94/116 kB Progress (3): 29 kB | 94/116 kB | 3.4/35 kB Progress (3): 29 kB | 98/116 kB | 3.4/35 kB Progress (3): 29 kB | 98/116 kB | 7.5/35 kB Progress (4): 29 kB | 98/116 kB | 7.5/35 kB | 4.1/57 kB Progress (4): 29 kB | 102/116 kB | 7.5/35 kB | 4.1/57 kB Progress (4): 29 kB | 102/116 kB | 12/35 kB | 4.1/57 kB Progress (4): 29 kB | 102/116 kB | 16/35 kB | 4.1/57 kB Progress (4): 29 kB | 102/116 kB | 20/35 kB | 4.1/57 kB Progress (4): 29 kB | 102/116 kB | 20/35 kB | 8.2/57 kB Progress (4): 29 kB | 106/116 kB | 20/35 kB | 8.2/57 kB Progress (4): 29 kB | 106/116 kB | 20/35 kB | 12/57 kB Progress (4): 29 kB | 106/116 kB | 20/35 kB | 16/57 kB Progress (4): 29 kB | 106/116 kB | 20/35 kB | 20/57 kB Progress (4): 29 kB | 106/116 kB | 24/35 kB | 20/57 kB Progress (4): 29 kB | 106/116 kB | 24/35 kB | 25/57 kB Progress (4): 29 kB | 110/116 kB | 24/35 kB | 25/57 kB Progress (4): 29 kB | 110/116 kB | 28/35 kB | 25/57 kB Progress (4): 29 kB | 114/116 kB | 28/35 kB | 25/57 kB Progress (4): 29 kB | 114/116 kB | 28/35 kB | 29/57 kB Progress (4): 29 kB | 114/116 kB | 32/35 kB | 29/57 kB Progress (4): 29 kB | 116 kB | 32/35 kB | 29/57 kB Progress (4): 29 kB | 116 kB | 32/35 kB | 33/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 33/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 37/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 41/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 45/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 49/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 53/57 kB Progress (4): 29 kB | 116 kB | 35 kB | 57 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.jar (29 kB at 761 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.jar Progress (4): 116 kB | 35 kB | 57 kB | 2.3/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 5.0/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 7.7/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 10/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 13/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 16/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 19/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 21/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 24/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 27/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 30/152 kB Progress (4): 116 kB | 35 kB | 57 kB | 32/152 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.jar (57 kB at 1.2 MB/s) Progress (3): 116 kB | 35 kB | 35/152 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.jar Progress (3): 116 kB | 35 kB | 38/152 kB Progress (3): 116 kB | 35 kB | 41/152 kB Progress (3): 116 kB | 35 kB | 43/152 kB Progress (3): 116 kB | 35 kB | 46/152 kB Progress (3): 116 kB | 35 kB | 49/152 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.jar (35 kB at 750 kB/s) Progress (2): 116 kB | 52/152 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar Progress (2): 116 kB | 54/152 kB Progress (2): 116 kB | 58/152 kB Progress (2): 116 kB | 62/152 kB Progress (2): 116 kB | 65/152 kB Progress (2): 116 kB | 69/152 kB Progress (2): 116 kB | 73/152 kB Progress (2): 116 kB | 77/152 kB Progress (2): 116 kB | 81/152 kB Progress (2): 116 kB | 85/152 kB Progress (2): 116 kB | 89/152 kB Progress (2): 116 kB | 93/152 kB Progress (2): 116 kB | 98/152 kB Progress (2): 116 kB | 102/152 kB Progress (2): 116 kB | 106/152 kB Progress (2): 116 kB | 110/152 kB Progress (2): 116 kB | 114/152 kB Progress (2): 116 kB | 118/152 kB Progress (2): 116 kB | 122/152 kB Progress (2): 116 kB | 126/152 kB Progress (2): 116 kB | 130/152 kB Progress (2): 116 kB | 132/152 kB Progress (2): 116 kB | 137/152 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.jar (116 kB at 2.2 MB/s) Progress (1): 141/152 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.jar Progress (1): 145/152 kB Progress (1): 149/152 kB Progress (1): 152 kB Progress (2): 152 kB | 2.3/21 kB Progress (2): 152 kB | 5.0/21 kB Progress (2): 152 kB | 7.7/21 kB Progress (2): 152 kB | 10/21 kB Progress (2): 152 kB | 13/21 kB Progress (2): 152 kB | 17/21 kB Progress (2): 152 kB | 21 kB Progress (3): 152 kB | 21 kB | 3.3/9.9 kB Progress (3): 152 kB | 21 kB | 7.4/9.9 kB Progress (3): 152 kB | 21 kB | 9.9 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 3.8/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 7.8/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 12/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 16/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 20/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 24/24 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 24 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.jar (21 kB at 297 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.jar Progress (4): 152 kB | 9.9 kB | 24 kB | 4.1/5.9 kB Progress (4): 152 kB | 9.9 kB | 24 kB | 5.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.jar (152 kB at 1.9 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.jar (9.9 kB at 126 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.jar (24 kB at 306 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar Progress (2): 5.9 kB | 3.8/14 kB Progress (2): 5.9 kB | 7.8/14 kB Progress (2): 5.9 kB | 12/14 kB Progress (2): 5.9 kB | 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar (5.9 kB at 65 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.jar Progress (2): 14 kB | 4.1/30 kB Progress (2): 14 kB | 7.7/30 kB Progress (3): 14 kB | 7.7/30 kB | 3.8/13 kB Progress (3): 14 kB | 12/30 kB | 3.8/13 kB Progress (3): 14 kB | 16/30 kB | 3.8/13 kB Progress (3): 14 kB | 16/30 kB | 7.8/13 kB Progress (3): 14 kB | 16/30 kB | 12/13 kB Progress (3): 14 kB | 16/30 kB | 13 kB Progress (3): 14 kB | 20/30 kB | 13 kB Progress (3): 14 kB | 24/30 kB | 13 kB Progress (3): 14 kB | 28/30 kB | 13 kB Progress (3): 14 kB | 30 kB | 13 kB Progress (4): 14 kB | 30 kB | 13 kB | 3.8/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 7.8/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 12/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 16/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 20/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 24/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 28/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 32/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 37/37 kB Progress (4): 14 kB | 30 kB | 13 kB | 37 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.jar (14 kB at 127 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.jar Progress (4): 30 kB | 13 kB | 37 kB | 4.1/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 7.7/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 12/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 16/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 20/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 24/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 28/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 32/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 36/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 38 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar (13 kB at 118 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.jar (30 kB at 260 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.jar Progress (3): 37 kB | 38 kB | 3.8/87 kB Progress (3): 37 kB | 38 kB | 7.8/87 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.jar (37 kB at 288 kB/s) Progress (2): 38 kB | 12/87 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.jar Progress (2): 38 kB | 16/87 kB Progress (2): 38 kB | 20/87 kB Progress (2): 38 kB | 24/87 kB Progress (2): 38 kB | 28/87 kB Progress (2): 38 kB | 32/87 kB Progress (2): 38 kB | 37/87 kB Progress (2): 38 kB | 41/87 kB Progress (2): 38 kB | 45/87 kB Progress (2): 38 kB | 49/87 kB Progress (2): 38 kB | 53/87 kB Progress (2): 38 kB | 57/87 kB Progress (3): 38 kB | 57/87 kB | 4.1/49 kB Progress (3): 38 kB | 57/87 kB | 8.2/49 kB Progress (3): 38 kB | 57/87 kB | 12/49 kB Progress (3): 38 kB | 57/87 kB | 16/49 kB Progress (3): 38 kB | 57/87 kB | 20/49 kB Progress (3): 38 kB | 57/87 kB | 25/49 kB Progress (3): 38 kB | 57/87 kB | 29/49 kB Progress (3): 38 kB | 57/87 kB | 33/49 kB Progress (3): 38 kB | 57/87 kB | 37/49 kB Progress (3): 38 kB | 57/87 kB | 41/49 kB Progress (3): 38 kB | 57/87 kB | 45/49 kB Progress (3): 38 kB | 57/87 kB | 49 kB Progress (3): 38 kB | 61/87 kB | 49 kB Progress (3): 38 kB | 65/87 kB | 49 kB Progress (3): 38 kB | 69/87 kB | 49 kB Progress (3): 38 kB | 71/87 kB | 49 kB Progress (3): 38 kB | 76/87 kB | 49 kB Progress (3): 38 kB | 80/87 kB | 49 kB Progress (3): 38 kB | 84/87 kB | 49 kB Progress (4): 38 kB | 84/87 kB | 49 kB | 4.1/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 4.1/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 7.7/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 12/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 20/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 24/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 28/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 32/86 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.jar (38 kB at 274 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.jar Progress (3): 87 kB | 49 kB | 36/86 kB Progress (3): 87 kB | 49 kB | 40/86 kB Progress (3): 87 kB | 49 kB | 44/86 kB Progress (3): 87 kB | 49 kB | 48/86 kB Progress (3): 87 kB | 49 kB | 52/86 kB Progress (3): 87 kB | 49 kB | 57/86 kB Progress (3): 87 kB | 49 kB | 61/86 kB Progress (3): 87 kB | 49 kB | 65/86 kB Progress (3): 87 kB | 49 kB | 69/86 kB Progress (3): 87 kB | 49 kB | 73/86 kB Progress (3): 87 kB | 49 kB | 77/86 kB Progress (3): 87 kB | 49 kB | 81/86 kB Progress (3): 87 kB | 49 kB | 85/86 kB Progress (3): 87 kB | 49 kB | 86 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.jar (49 kB at 327 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.jar Progress (3): 87 kB | 86 kB | 3.8/10 kB Progress (3): 87 kB | 86 kB | 7.8/10 kB Progress (3): 87 kB | 86 kB | 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.jar (87 kB at 560 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar Progress (3): 86 kB | 10 kB | 4.1/194 kB Progress (3): 86 kB | 10 kB | 7.7/194 kB Progress (3): 86 kB | 10 kB | 12/194 kB Progress (3): 86 kB | 10 kB | 16/194 kB Progress (3): 86 kB | 10 kB | 20/194 kB Progress (3): 86 kB | 10 kB | 24/194 kB Progress (3): 86 kB | 10 kB | 28/194 kB Progress (3): 86 kB | 10 kB | 32/194 kB Progress (3): 86 kB | 10 kB | 36/194 kB Progress (3): 86 kB | 10 kB | 40/194 kB Progress (3): 86 kB | 10 kB | 44/194 kB Progress (3): 86 kB | 10 kB | 48/194 kB Progress (3): 86 kB | 10 kB | 53/194 kB Progress (3): 86 kB | 10 kB | 57/194 kB Progress (3): 86 kB | 10 kB | 61/194 kB Progress (3): 86 kB | 10 kB | 65/194 kB Progress (3): 86 kB | 10 kB | 69/194 kB Progress (3): 86 kB | 10 kB | 73/194 kB Progress (3): 86 kB | 10 kB | 77/194 kB Progress (3): 86 kB | 10 kB | 81/194 kB Progress (3): 86 kB | 10 kB | 85/194 kB Progress (3): 86 kB | 10 kB | 89/194 kB Progress (3): 86 kB | 10 kB | 93/194 kB Progress (3): 86 kB | 10 kB | 98/194 kB Progress (3): 86 kB | 10 kB | 102/194 kB Progress (3): 86 kB | 10 kB | 106/194 kB Progress (3): 86 kB | 10 kB | 110/194 kB Progress (3): 86 kB | 10 kB | 114/194 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.jar (86 kB at 520 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.jar Progress (2): 10 kB | 118/194 kB Progress (2): 10 kB | 122/194 kB Progress (2): 10 kB | 126/194 kB Progress (2): 10 kB | 130/194 kB Progress (2): 10 kB | 134/194 kB Progress (2): 10 kB | 139/194 kB Progress (2): 10 kB | 143/194 kB Progress (2): 10 kB | 147/194 kB Progress (2): 10 kB | 151/194 kB Progress (2): 10 kB | 155/194 kB Progress (2): 10 kB | 159/194 kB Progress (2): 10 kB | 163/194 kB Progress (2): 10 kB | 167/194 kB Progress (2): 10 kB | 171/194 kB Progress (2): 10 kB | 175/194 kB Progress (2): 10 kB | 179/194 kB Progress (2): 10 kB | 184/194 kB Progress (2): 10 kB | 188/194 kB Progress (2): 10 kB | 192/194 kB Progress (2): 10 kB | 194 kB Progress (3): 10 kB | 194 kB | 4.1/121 kB Progress (3): 10 kB | 194 kB | 7.7/121 kB Progress (3): 10 kB | 194 kB | 12/121 kB Progress (3): 10 kB | 194 kB | 16/121 kB Progress (3): 10 kB | 194 kB | 20/121 kB Progress (3): 10 kB | 194 kB | 24/121 kB Progress (3): 10 kB | 194 kB | 28/121 kB Progress (3): 10 kB | 194 kB | 32/121 kB Progress (3): 10 kB | 194 kB | 36/121 kB Progress (3): 10 kB | 194 kB | 40/121 kB Progress (3): 10 kB | 194 kB | 45/121 kB Progress (3): 10 kB | 194 kB | 49/121 kB Progress (3): 10 kB | 194 kB | 53/121 kB Progress (3): 10 kB | 194 kB | 57/121 kB Progress (3): 10 kB | 194 kB | 61/121 kB Progress (3): 10 kB | 194 kB | 65/121 kB Progress (3): 10 kB | 194 kB | 69/121 kB Progress (3): 10 kB | 194 kB | 73/121 kB Progress (3): 10 kB | 194 kB | 77/121 kB Progress (3): 10 kB | 194 kB | 81/121 kB Progress (3): 10 kB | 194 kB | 86/121 kB Progress (3): 10 kB | 194 kB | 90/121 kB Progress (3): 10 kB | 194 kB | 94/121 kB Progress (3): 10 kB | 194 kB | 98/121 kB Progress (3): 10 kB | 194 kB | 102/121 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.jar (10 kB at 59 kB/s) Progress (2): 194 kB | 106/121 kB Progress (3): 194 kB | 106/121 kB | 3.8/223 kB Progress (3): 194 kB | 106/121 kB | 7.8/223 kB Progress (3): 194 kB | 110/121 kB | 7.8/223 kB Progress (3): 194 kB | 114/121 kB | 7.8/223 kB Progress (3): 194 kB | 118/121 kB | 7.8/223 kB Progress (3): 194 kB | 121 kB | 7.8/223 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.jar Progress (3): 194 kB | 121 kB | 12/223 kB Progress (3): 194 kB | 121 kB | 16/223 kB Progress (3): 194 kB | 121 kB | 20/223 kB Progress (3): 194 kB | 121 kB | 24/223 kB Progress (3): 194 kB | 121 kB | 28/223 kB Progress (3): 194 kB | 121 kB | 32/223 kB Progress (3): 194 kB | 121 kB | 36/223 kB Progress (3): 194 kB | 121 kB | 40/223 kB Progress (3): 194 kB | 121 kB | 45/223 kB Progress (3): 194 kB | 121 kB | 49/223 kB Progress (3): 194 kB | 121 kB | 53/223 kB Progress (3): 194 kB | 121 kB | 57/223 kB Progress (3): 194 kB | 121 kB | 61/223 kB Progress (3): 194 kB | 121 kB | 65/223 kB Progress (3): 194 kB | 121 kB | 69/223 kB Progress (3): 194 kB | 121 kB | 73/223 kB Progress (3): 194 kB | 121 kB | 77/223 kB Progress (3): 194 kB | 121 kB | 81/223 kB Progress (3): 194 kB | 121 kB | 86/223 kB Progress (3): 194 kB | 121 kB | 90/223 kB Progress (3): 194 kB | 121 kB | 94/223 kB Progress (3): 194 kB | 121 kB | 98/223 kB Progress (3): 194 kB | 121 kB | 102/223 kB Progress (3): 194 kB | 121 kB | 106/223 kB Progress (3): 194 kB | 121 kB | 110/223 kB Progress (3): 194 kB | 121 kB | 114/223 kB Progress (3): 194 kB | 121 kB | 118/223 kB Progress (3): 194 kB | 121 kB | 122/223 kB Progress (3): 194 kB | 121 kB | 127/223 kB Progress (3): 194 kB | 121 kB | 131/223 kB Progress (3): 194 kB | 121 kB | 135/223 kB Progress (3): 194 kB | 121 kB | 139/223 kB Progress (3): 194 kB | 121 kB | 143/223 kB Progress (3): 194 kB | 121 kB | 147/223 kB Progress (3): 194 kB | 121 kB | 151/223 kB Progress (3): 194 kB | 121 kB | 155/223 kB Progress (3): 194 kB | 121 kB | 159/223 kB Progress (3): 194 kB | 121 kB | 163/223 kB Progress (3): 194 kB | 121 kB | 167/223 kB Progress (3): 194 kB | 121 kB | 172/223 kB Progress (3): 194 kB | 121 kB | 176/223 kB Progress (3): 194 kB | 121 kB | 180/223 kB Progress (3): 194 kB | 121 kB | 184/223 kB Progress (3): 194 kB | 121 kB | 188/223 kB Progress (3): 194 kB | 121 kB | 192/223 kB Progress (3): 194 kB | 121 kB | 196/223 kB Progress (3): 194 kB | 121 kB | 200/223 kB Progress (3): 194 kB | 121 kB | 204/223 kB Progress (4): 194 kB | 121 kB | 204/223 kB | 4.1/43 kB Progress (4): 194 kB | 121 kB | 204/223 kB | 7.7/43 kB Progress (4): 194 kB | 121 kB | 204/223 kB | 12/43 kB Progress (4): 194 kB | 121 kB | 204/223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 208/223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 213/223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 217/223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 221/223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 223 kB | 16/43 kB Progress (4): 194 kB | 121 kB | 223 kB | 20/43 kB Progress (4): 194 kB | 121 kB | 223 kB | 24/43 kB Progress (4): 194 kB | 121 kB | 223 kB | 28/43 kB Progress (4): 194 kB | 121 kB | 223 kB | 32/43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.jar (194 kB at 1.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.jar Progress (3): 121 kB | 223 kB | 36/43 kB Progress (3): 121 kB | 223 kB | 40/43 kB Progress (3): 121 kB | 223 kB | 43 kB Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.jar (121 kB at 637 kB/s) Progress (3): 223 kB | 43 kB | 3.4/6.8 kB Progress (3): 223 kB | 43 kB | 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.jar (43 kB at 210 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar (223 kB at 1.1 MB/s) Progress (2): 6.8 kB | 4.1/61 kB Progress (2): 6.8 kB | 8.2/61 kB Progress (2): 6.8 kB | 12/61 kB Progress (2): 6.8 kB | 16/61 kB Progress (2): 6.8 kB | 20/61 kB Progress (2): 6.8 kB | 25/61 kB Progress (2): 6.8 kB | 29/61 kB Progress (2): 6.8 kB | 33/61 kB Progress (2): 6.8 kB | 37/61 kB Progress (2): 6.8 kB | 41/61 kB Progress (2): 6.8 kB | 45/61 kB Progress (2): 6.8 kB | 49/61 kB Progress (2): 6.8 kB | 53/61 kB Progress (2): 6.8 kB | 57/61 kB Progress (2): 6.8 kB | 61 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.jar (6.8 kB at 30 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.jar (61 kB at 270 kB/s) [WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent! [INFO] skip non existing resourceDirectory /work/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.pom (1.5 kB at 50 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.9/maven-2.0.9.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.9/maven-2.0.9.pom (19 kB at 556 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/8/maven-parent-8.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 24 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/8/maven-parent-8.pom (24 kB at 447 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/4/apache-4.pom Progress (1): 4.1 kB Progress (1): 4.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/4/apache-4.pom (4.5 kB at 125 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.pom (1.6 kB at 56 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.pom (2.3 kB at 82 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.pom Progress (1): 4.1 kB Progress (1): 7.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.pom (7.8 kB at 268 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.pom (2.1 kB at 69 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.pom (3.1 kB at 92 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.pom (2.0 kB at 50 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom (2.0 kB at 59 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom (1.9 kB at 59 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom (1.7 kB at 53 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.pom (2.7 kB at 85 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.pom (2.7 kB at 87 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.pom (2.0 kB at 48 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.pom (2.1 kB at 55 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.pom (1.3 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.pom Progress (1): 3.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.pom (3.4 kB at 98 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.pom (4.0 kB at 112 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/18/maven-shared-components-18.pom Progress (1): 4.1 kB Progress (1): 4.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/18/maven-shared-components-18.pom (4.9 kB at 154 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.pom Progress (1): 965 B Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.pom (965 B at 33 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.pom Progress (1): 4.1 kB Progress (1): 4.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.pom (4.7 kB at 132 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/19/maven-shared-components-19.pom Progress (1): 4.1 kB Progress (1): 6.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/19/maven-shared-components-19.pom (6.4 kB at 187 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.2.1/maven-plugin-api-2.2.1.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.2.1/maven-plugin-api-2.2.1.pom (1.5 kB at 50 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.2.1/maven-2.2.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.2.1/maven-2.2.1.pom (22 kB at 547 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/11/maven-parent-11.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 32 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/11/maven-parent-11.pom (32 kB at 790 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/5/apache-5.pom Progress (1): 4.1 kB Progress (1): 4.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/5/apache-5.pom (4.1 kB at 114 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.2.1/maven-core-2.2.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.2.1/maven-core-2.2.1.pom (12 kB at 353 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.2.1/maven-settings-2.2.1.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.2.1/maven-settings-2.2.1.pom (2.2 kB at 73 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.2.1/maven-model-2.2.1.pom Progress (1): 3.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.2.1/maven-model-2.2.1.pom (3.2 kB at 105 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.11/plexus-interpolation-1.11.pom Progress (1): 889 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.11/plexus-interpolation-1.11.pom (889 B at 31 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.2.1/maven-plugin-parameter-documenter-2.2.1.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.2.1/maven-plugin-parameter-documenter-2.2.1.pom (2.0 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-jdk14/1.5.6/slf4j-jdk14-1.5.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-jdk14/1.5.6/slf4j-jdk14-1.5.6.pom (1.9 kB at 58 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.5.6/slf4j-parent-1.5.6.pom Progress (1): 4.1 kB Progress (1): 7.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.5.6/slf4j-parent-1.5.6.pom (7.9 kB at 220 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.5.6/slf4j-api-1.5.6.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.5.6/slf4j-api-1.5.6.pom (3.0 kB at 93 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/jcl-over-slf4j/1.5.6/jcl-over-slf4j-1.5.6.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/jcl-over-slf4j/1.5.6/jcl-over-slf4j-1.5.6.pom (2.2 kB at 68 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.2.1/maven-profile-2.2.1.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.2.1/maven-profile-2.2.1.pom (2.2 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.2.1/maven-artifact-2.2.1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.2.1/maven-artifact-2.2.1.pom (1.6 kB at 48 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom (1.9 kB at 65 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom (1.7 kB at 40 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom (2.8 kB at 89 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.2.1/maven-artifact-manager-2.2.1.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.2.1/maven-artifact-manager-2.2.1.pom (3.1 kB at 94 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.pom Progress (1): 880 B Downloaded from central: https://repo.maven.apache.org/maven2/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.pom (880 B at 22 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.2.1/maven-plugin-registry-2.2.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.2.1/maven-plugin-registry-2.2.1.pom (1.9 kB at 47 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.2.1/maven-plugin-descriptor-2.2.1.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.2.1/maven-plugin-descriptor-2.2.1.pom (2.1 kB at 56 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.2.1/maven-monitor-2.2.1.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.2.1/maven-monitor-2.2.1.pom (1.3 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.pom (3.0 kB at 96 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/12/spice-parent-12.pom Progress (1): 4.1 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/12/spice-parent-12.pom (6.8 kB at 206 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/4/forge-parent-4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/4/forge-parent-4.pom (8.4 kB at 271 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.pom Progress (1): 4.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.pom (5.1 kB at 161 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.pom (2.1 kB at 52 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.pom Progress (1): 815 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.pom (815 B at 24 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.5.5/plexus-containers-1.5.5.pom Progress (1): 4.1 kB Progress (1): 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.5.5/plexus-containers-1.5.5.pom (4.2 kB at 128 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.7/plexus-2.0.7.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.7/plexus-2.0.7.pom (17 kB at 455 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.pom Progress (1): 865 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.pom (865 B at 31 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler/2.2/plexus-compiler-2.2.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler/2.2/plexus-compiler-2.2.pom (3.6 kB at 95 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.3.1/plexus-components-1.3.1.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.3.1/plexus-components-1.3.1.pom (3.1 kB at 93 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.3.1/plexus-3.3.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.3.1/plexus-3.3.1.pom (20 kB at 538 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/17/spice-parent-17.pom Progress (1): 4.1 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/17/spice-parent-17.pom (6.8 kB at 260 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/10/forge-parent-10.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/10/forge-parent-10.pom (14 kB at 424 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.pom (3.1 kB at 98 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.2/plexus-3.2.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.2/plexus-3.2.pom (19 kB at 586 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.pom Progress (1): 690 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.pom (690 B at 20 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.pom Progress (1): 769 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.pom (769 B at 26 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compilers/2.2/plexus-compilers-2.2.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compilers/2.2/plexus-compilers-2.2.pom (1.2 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.pom (2.8 kB at 89 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.5/plexus-utils-1.4.5.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.5/plexus-utils-1.4.5.pom (2.3 kB at 81 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom (4.0 kB at 115 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom (2.8 kB at 76 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom (19 kB at 579 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.pom Progress (1): 145 B Downloaded from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.pom (145 B at 4.3 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom Progress (1): 4.1 kB Progress (1): 5.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom (5.3 kB at 149 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.pom (2.5 kB at 73 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/google/1/google-1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/google/1/google-1.pom (1.6 kB at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.pom Progress (1): 747 B Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.pom (747 B at 23 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.jar Progress (1): 4.1/13 kB Progress (1): 7.7/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Progress (2): 13 kB | 4.1/89 kB Progress (2): 13 kB | 7.7/89 kB Progress (2): 13 kB | 12/89 kB Progress (2): 13 kB | 16/89 kB Progress (2): 13 kB | 20/89 kB Progress (2): 13 kB | 24/89 kB Progress (2): 13 kB | 28/89 kB Progress (2): 13 kB | 32/89 kB Progress (2): 13 kB | 36/89 kB Progress (2): 13 kB | 40/89 kB Progress (2): 13 kB | 45/89 kB Progress (2): 13 kB | 49/89 kB Progress (2): 13 kB | 53/89 kB Progress (2): 13 kB | 57/89 kB Progress (2): 13 kB | 61/89 kB Progress (2): 13 kB | 65/89 kB Progress (2): 13 kB | 69/89 kB Progress (2): 13 kB | 73/89 kB Progress (2): 13 kB | 77/89 kB Progress (2): 13 kB | 81/89 kB Progress (2): 13 kB | 86/89 kB Progress (2): 13 kB | 89 kB Progress (3): 13 kB | 89 kB | 4.1/211 kB Progress (3): 13 kB | 89 kB | 7.7/211 kB Progress (3): 13 kB | 89 kB | 12/211 kB Progress (3): 13 kB | 89 kB | 16/211 kB Progress (3): 13 kB | 89 kB | 20/211 kB Progress (3): 13 kB | 89 kB | 24/211 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 3.8/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 7.8/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 12/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 16/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 20/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 24/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 28/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 32/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 37/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 41/160 kB Progress (4): 13 kB | 89 kB | 24/211 kB | 45/160 kB Progress (4): 13 kB | 89 kB | 28/211 kB | 45/160 kB Progress (4): 13 kB | 89 kB | 32/211 kB | 45/160 kB Progress (4): 13 kB | 89 kB | 32/211 kB | 49/160 kB Progress (4): 13 kB | 89 kB | 36/211 kB | 49/160 kB Progress (4): 13 kB | 89 kB | 36/211 kB | 53/160 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.jar (13 kB at 430 kB/s) Progress (3): 89 kB | 40/211 kB | 53/160 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.jar Progress (3): 89 kB | 40/211 kB | 57/160 kB Progress (3): 89 kB | 40/211 kB | 61/160 kB Progress (3): 89 kB | 40/211 kB | 65/160 kB Progress (3): 89 kB | 40/211 kB | 69/160 kB Progress (3): 89 kB | 40/211 kB | 73/160 kB Progress (3): 89 kB | 40/211 kB | 77/160 kB Progress (3): 89 kB | 40/211 kB | 82/160 kB Progress (3): 89 kB | 40/211 kB | 86/160 kB Progress (3): 89 kB | 40/211 kB | 90/160 kB Progress (3): 89 kB | 40/211 kB | 94/160 kB Progress (3): 89 kB | 40/211 kB | 98/160 kB Progress (3): 89 kB | 40/211 kB | 102/160 kB Progress (3): 89 kB | 40/211 kB | 106/160 kB Progress (3): 89 kB | 40/211 kB | 110/160 kB Progress (3): 89 kB | 40/211 kB | 114/160 kB Progress (3): 89 kB | 40/211 kB | 118/160 kB Progress (3): 89 kB | 40/211 kB | 123/160 kB Progress (3): 89 kB | 45/211 kB | 123/160 kB Progress (3): 89 kB | 45/211 kB | 127/160 kB Progress (3): 89 kB | 49/211 kB | 127/160 kB Progress (3): 89 kB | 49/211 kB | 131/160 kB Progress (3): 89 kB | 53/211 kB | 131/160 kB Progress (3): 89 kB | 53/211 kB | 135/160 kB Progress (3): 89 kB | 57/211 kB | 135/160 kB Progress (3): 89 kB | 57/211 kB | 139/160 kB Progress (3): 89 kB | 57/211 kB | 143/160 kB Progress (3): 89 kB | 57/211 kB | 147/160 kB Progress (3): 89 kB | 57/211 kB | 151/160 kB Progress (3): 89 kB | 57/211 kB | 155/160 kB Progress (3): 89 kB | 57/211 kB | 159/160 kB Progress (3): 89 kB | 57/211 kB | 160 kB Progress (3): 89 kB | 61/211 kB | 160 kB Progress (3): 89 kB | 65/211 kB | 160 kB Progress (3): 89 kB | 69/211 kB | 160 kB Progress (3): 89 kB | 73/211 kB | 160 kB Progress (3): 89 kB | 77/211 kB | 160 kB Progress (3): 89 kB | 81/211 kB | 160 kB Progress (3): 89 kB | 86/211 kB | 160 kB Progress (3): 89 kB | 90/211 kB | 160 kB Progress (3): 89 kB | 94/211 kB | 160 kB Progress (3): 89 kB | 98/211 kB | 160 kB Progress (3): 89 kB | 102/211 kB | 160 kB Progress (3): 89 kB | 106/211 kB | 160 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 4.1/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 7.7/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 12/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 16/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 20/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 24/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 28/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 32/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 36/49 kB Progress (4): 89 kB | 106/211 kB | 160 kB | 40/49 kB Progress (4): 89 kB | 110/211 kB | 160 kB | 40/49 kB Progress (4): 89 kB | 114/211 kB | 160 kB | 40/49 kB Progress (4): 89 kB | 114/211 kB | 160 kB | 45/49 kB Progress (4): 89 kB | 118/211 kB | 160 kB | 45/49 kB Progress (4): 89 kB | 118/211 kB | 160 kB | 49/49 kB Progress (4): 89 kB | 122/211 kB | 160 kB | 49/49 kB Progress (4): 89 kB | 122/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 126/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 131/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 135/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 139/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 143/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 147/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 151/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 155/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 159/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 163/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 167/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 172/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 176/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 180/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 184/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 188/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 192/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 196/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 200/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 204/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 208/211 kB | 160 kB | 49 kB Progress (4): 89 kB | 211 kB | 160 kB | 49 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.jar (89 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.jar (49 kB at 927 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.jar (160 kB at 3.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.jar Progress (2): 211 kB | 4.1/21 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.jar (211 kB at 3.7 MB/s) Progress (1): 7.7/21 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.jar Progress (1): 12/21 kB Progress (1): 16/21 kB Progress (1): 20/21 kB Progress (1): 21 kB Progress (2): 21 kB | 4.1/35 kB Progress (2): 21 kB | 7.7/35 kB Progress (2): 21 kB | 12/35 kB Progress (2): 21 kB | 16/35 kB Progress (2): 21 kB | 20/35 kB Progress (2): 21 kB | 24/35 kB Progress (2): 21 kB | 28/35 kB Progress (2): 21 kB | 32/35 kB Progress (2): 21 kB | 35 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.jar (21 kB at 286 kB/s) Progress (2): 35 kB | 4.1/14 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.jar Progress (2): 35 kB | 7.7/14 kB Progress (2): 35 kB | 12/14 kB Progress (2): 35 kB | 14 kB Progress (3): 35 kB | 14 kB | 4.1/87 kB Progress (3): 35 kB | 14 kB | 7.7/87 kB Progress (3): 35 kB | 14 kB | 12/87 kB Progress (3): 35 kB | 14 kB | 16/87 kB Progress (3): 35 kB | 14 kB | 20/87 kB Progress (3): 35 kB | 14 kB | 24/87 kB Progress (3): 35 kB | 14 kB | 28/87 kB Progress (3): 35 kB | 14 kB | 32/87 kB Progress (4): 35 kB | 14 kB | 32/87 kB | 4.1/25 kB Progress (4): 35 kB | 14 kB | 36/87 kB | 4.1/25 kB Progress (4): 35 kB | 14 kB | 36/87 kB | 7.7/25 kB Progress (4): 35 kB | 14 kB | 40/87 kB | 7.7/25 kB Progress (4): 35 kB | 14 kB | 40/87 kB | 12/25 kB Progress (4): 35 kB | 14 kB | 45/87 kB | 12/25 kB Progress (4): 35 kB | 14 kB | 45/87 kB | 16/25 kB Progress (4): 35 kB | 14 kB | 49/87 kB | 16/25 kB Progress (4): 35 kB | 14 kB | 49/87 kB | 20/25 kB Progress (4): 35 kB | 14 kB | 53/87 kB | 20/25 kB Progress (4): 35 kB | 14 kB | 53/87 kB | 24/25 kB Progress (4): 35 kB | 14 kB | 57/87 kB | 24/25 kB Progress (4): 35 kB | 14 kB | 57/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 61/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 65/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 69/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 73/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 77/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 81/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 86/87 kB | 25 kB Progress (4): 35 kB | 14 kB | 87 kB | 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.jar (35 kB at 416 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.jar Progress (4): 14 kB | 87 kB | 25 kB | 4.1/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 7.7/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 12/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 16/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 20/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 24/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 28/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 32/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 36/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 40/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 44/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 48/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 53/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 57/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 61/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 65/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 69/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 73/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 77/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 81/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 85/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 89/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 93/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 98/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 102/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 106/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 110/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 114/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 118/122 kB Progress (4): 14 kB | 87 kB | 25 kB | 122 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.jar (14 kB at 151 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.jar (87 kB at 891 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.jar Progress (3): 25 kB | 122 kB | 4.1/29 kB Progress (3): 25 kB | 122 kB | 7.7/29 kB Progress (3): 25 kB | 122 kB | 12/29 kB Progress (3): 25 kB | 122 kB | 16/29 kB Progress (3): 25 kB | 122 kB | 20/29 kB Progress (3): 25 kB | 122 kB | 24/29 kB Progress (3): 25 kB | 122 kB | 28/29 kB Progress (3): 25 kB | 122 kB | 29 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.jar (25 kB at 246 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.jar (122 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.jar Progress (2): 29 kB | 4.1/37 kB Progress (2): 29 kB | 7.4/37 kB Progress (2): 29 kB | 12/37 kB Progress (2): 29 kB | 16/37 kB Progress (2): 29 kB | 20/37 kB Progress (2): 29 kB | 24/37 kB Progress (2): 29 kB | 28/37 kB Progress (2): 29 kB | 32/37 kB Progress (2): 29 kB | 36/37 kB Progress (2): 29 kB | 37 kB Progress (3): 29 kB | 37 kB | 4.1/33 kB Progress (3): 29 kB | 37 kB | 7.7/33 kB Progress (3): 29 kB | 37 kB | 12/33 kB Progress (3): 29 kB | 37 kB | 16/33 kB Progress (3): 29 kB | 37 kB | 20/33 kB Progress (3): 29 kB | 37 kB | 24/33 kB Progress (3): 29 kB | 37 kB | 28/33 kB Progress (3): 29 kB | 37 kB | 32/33 kB Progress (3): 29 kB | 37 kB | 33 kB Progress (4): 29 kB | 37 kB | 33 kB | 4.1/10 kB Progress (4): 29 kB | 37 kB | 33 kB | 7.7/10 kB Progress (4): 29 kB | 37 kB | 33 kB | 10 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 4.1/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 7.7/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 12/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 16/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 20/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 24/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 28/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 32/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 36/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 40/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 44/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 48/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 53/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 57/58 kB Progress (5): 29 kB | 37 kB | 33 kB | 10 kB | 58 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.jar (29 kB at 238 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.jar (37 kB at 292 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.jar (33 kB at 247 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.jar (10 kB at 77 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.jar (58 kB at 399 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.jar Progress (1): 4.1/155 kB Progress (2): 4.1/155 kB | 4.1/14 kB Progress (2): 7.7/155 kB | 4.1/14 kB Progress (2): 7.7/155 kB | 7.7/14 kB Progress (2): 12/155 kB | 7.7/14 kB Progress (2): 12/155 kB | 12/14 kB Progress (2): 16/155 kB | 12/14 kB Progress (2): 16/155 kB | 14 kB Progress (2): 20/155 kB | 14 kB Progress (2): 24/155 kB | 14 kB Progress (2): 28/155 kB | 14 kB Progress (2): 32/155 kB | 14 kB Progress (2): 36/155 kB | 14 kB Progress (2): 40/155 kB | 14 kB Progress (2): 44/155 kB | 14 kB Progress (2): 48/155 kB | 14 kB Progress (2): 53/155 kB | 14 kB Progress (2): 57/155 kB | 14 kB Progress (3): 57/155 kB | 14 kB | 4.1/32 kB Progress (3): 61/155 kB | 14 kB | 4.1/32 kB Progress (3): 61/155 kB | 14 kB | 7.7/32 kB Progress (3): 61/155 kB | 14 kB | 12/32 kB Progress (3): 61/155 kB | 14 kB | 16/32 kB Progress (3): 65/155 kB | 14 kB | 16/32 kB Progress (3): 65/155 kB | 14 kB | 20/32 kB Progress (3): 65/155 kB | 14 kB | 24/32 kB Progress (3): 69/155 kB | 14 kB | 24/32 kB Progress (3): 73/155 kB | 14 kB | 24/32 kB Progress (3): 77/155 kB | 14 kB | 24/32 kB Progress (3): 77/155 kB | 14 kB | 28/32 kB Progress (3): 81/155 kB | 14 kB | 28/32 kB Progress (3): 81/155 kB | 14 kB | 32 kB Progress (3): 85/155 kB | 14 kB | 32 kB Progress (3): 89/155 kB | 14 kB | 32 kB Progress (3): 93/155 kB | 14 kB | 32 kB Progress (3): 98/155 kB | 14 kB | 32 kB Progress (3): 102/155 kB | 14 kB | 32 kB Progress (3): 106/155 kB | 14 kB | 32 kB Progress (3): 110/155 kB | 14 kB | 32 kB Progress (3): 114/155 kB | 14 kB | 32 kB Progress (3): 118/155 kB | 14 kB | 32 kB Progress (3): 122/155 kB | 14 kB | 32 kB Progress (3): 126/155 kB | 14 kB | 32 kB Progress (4): 126/155 kB | 14 kB | 32 kB | 4.1/4.2 kB Progress (4): 130/155 kB | 14 kB | 32 kB | 4.1/4.2 kB Progress (4): 130/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 134/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 139/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 143/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 147/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 151/155 kB | 14 kB | 32 kB | 4.2 kB Progress (4): 155 kB | 14 kB | 32 kB | 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.jar (14 kB at 85 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar (4.2 kB at 26 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.jar Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.jar (32 kB at 190 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.jar (155 kB at 914 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.jar Progress (1): 4.1/25 kB Progress (1): 7.7/25 kB Progress (1): 12/25 kB Progress (1): 16/25 kB Progress (1): 20/25 kB Progress (1): 24/25 kB Progress (1): 25 kB Progress (2): 25 kB | 4.1/4.6 kB Progress (2): 25 kB | 4.6 kB Progress (3): 25 kB | 4.6 kB | 4.1/19 kB Progress (3): 25 kB | 4.6 kB | 7.7/19 kB Progress (3): 25 kB | 4.6 kB | 12/19 kB Progress (3): 25 kB | 4.6 kB | 16/19 kB Progress (3): 25 kB | 4.6 kB | 19 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 4.1/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 7.7/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 12/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 16/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 20/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 24/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 28/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 32/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 36/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 40/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 45/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 49/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 53/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 57/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 61/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 65/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 69/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 73/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 77/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 81/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 86/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 90/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 94/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 98/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 102/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 106/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 110/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 114/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 118/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 122/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 126/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 131/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 135/217 kB Progress (4): 25 kB | 4.6 kB | 19 kB | 139/217 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.jar (4.6 kB at 24 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.jar (19 kB at 99 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar Progress (2): 25 kB | 143/217 kB Progress (2): 25 kB | 147/217 kB Progress (2): 25 kB | 151/217 kB Progress (2): 25 kB | 155/217 kB Progress (2): 25 kB | 159/217 kB Progress (2): 25 kB | 163/217 kB Progress (2): 25 kB | 167/217 kB Progress (2): 25 kB | 172/217 kB Progress (2): 25 kB | 176/217 kB Progress (2): 25 kB | 180/217 kB Progress (2): 25 kB | 184/217 kB Progress (2): 25 kB | 188/217 kB Progress (2): 25 kB | 192/217 kB Progress (2): 25 kB | 196/217 kB Progress (2): 25 kB | 200/217 kB Progress (2): 25 kB | 204/217 kB Progress (2): 25 kB | 208/217 kB Progress (2): 25 kB | 213/217 kB Progress (2): 25 kB | 217/217 kB Progress (2): 25 kB | 217 kB Progress (3): 25 kB | 217 kB | 4.1/46 kB Progress (3): 25 kB | 217 kB | 7.7/46 kB Progress (3): 25 kB | 217 kB | 12/46 kB Progress (3): 25 kB | 217 kB | 16/46 kB Progress (3): 25 kB | 217 kB | 20/46 kB Progress (3): 25 kB | 217 kB | 24/46 kB Progress (3): 25 kB | 217 kB | 28/46 kB Progress (3): 25 kB | 217 kB | 32/46 kB Progress (3): 25 kB | 217 kB | 36/46 kB Progress (3): 25 kB | 217 kB | 40/46 kB Progress (3): 25 kB | 217 kB | 45/46 kB Progress (3): 25 kB | 217 kB | 46 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.jar (25 kB at 125 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar Progress (3): 217 kB | 46 kB | 4.1/134 kB Progress (3): 217 kB | 46 kB | 7.7/134 kB Progress (3): 217 kB | 46 kB | 12/134 kB Progress (3): 217 kB | 46 kB | 16/134 kB Progress (3): 217 kB | 46 kB | 20/134 kB Progress (3): 217 kB | 46 kB | 24/134 kB Progress (3): 217 kB | 46 kB | 28/134 kB Progress (4): 217 kB | 46 kB | 28/134 kB | 4.1/358 kB Progress (4): 217 kB | 46 kB | 32/134 kB | 4.1/358 kB Progress (4): 217 kB | 46 kB | 32/134 kB | 7.7/358 kB Progress (4): 217 kB | 46 kB | 36/134 kB | 7.7/358 kB Progress (4): 217 kB | 46 kB | 36/134 kB | 12/358 kB Progress (4): 217 kB | 46 kB | 40/134 kB | 12/358 kB Progress (4): 217 kB | 46 kB | 40/134 kB | 16/358 kB Progress (4): 217 kB | 46 kB | 45/134 kB | 16/358 kB Progress (4): 217 kB | 46 kB | 45/134 kB | 20/358 kB Progress (4): 217 kB | 46 kB | 49/134 kB | 20/358 kB Progress (4): 217 kB | 46 kB | 49/134 kB | 24/358 kB Progress (4): 217 kB | 46 kB | 53/134 kB | 24/358 kB Progress (4): 217 kB | 46 kB | 53/134 kB | 28/358 kB Progress (4): 217 kB | 46 kB | 57/134 kB | 28/358 kB Progress (4): 217 kB | 46 kB | 61/134 kB | 28/358 kB Progress (4): 217 kB | 46 kB | 61/134 kB | 32/358 kB Progress (4): 217 kB | 46 kB | 61/134 kB | 36/358 kB Progress (4): 217 kB | 46 kB | 65/134 kB | 36/358 kB Progress (4): 217 kB | 46 kB | 65/134 kB | 40/358 kB Progress (4): 217 kB | 46 kB | 69/134 kB | 40/358 kB Progress (4): 217 kB | 46 kB | 69/134 kB | 45/358 kB Progress (4): 217 kB | 46 kB | 73/134 kB | 45/358 kB Progress (4): 217 kB | 46 kB | 77/134 kB | 45/358 kB Progress (4): 217 kB | 46 kB | 77/134 kB | 49/358 kB Progress (4): 217 kB | 46 kB | 77/134 kB | 53/358 kB Progress (4): 217 kB | 46 kB | 81/134 kB | 53/358 kB Progress (4): 217 kB | 46 kB | 81/134 kB | 57/358 kB Progress (4): 217 kB | 46 kB | 86/134 kB | 57/358 kB Progress (4): 217 kB | 46 kB | 86/134 kB | 61/358 kB Progress (4): 217 kB | 46 kB | 90/134 kB | 61/358 kB Progress (4): 217 kB | 46 kB | 94/134 kB | 61/358 kB Progress (4): 217 kB | 46 kB | 94/134 kB | 65/358 kB Progress (4): 217 kB | 46 kB | 94/134 kB | 69/358 kB Progress (4): 217 kB | 46 kB | 98/134 kB | 69/358 kB Progress (4): 217 kB | 46 kB | 98/134 kB | 73/358 kB Progress (4): 217 kB | 46 kB | 102/134 kB | 73/358 kB Progress (4): 217 kB | 46 kB | 102/134 kB | 77/358 kB Progress (4): 217 kB | 46 kB | 106/134 kB | 77/358 kB Progress (4): 217 kB | 46 kB | 106/134 kB | 81/358 kB Progress (4): 217 kB | 46 kB | 110/134 kB | 81/358 kB Progress (4): 217 kB | 46 kB | 110/134 kB | 86/358 kB Progress (4): 217 kB | 46 kB | 110/134 kB | 90/358 kB Progress (4): 217 kB | 46 kB | 110/134 kB | 94/358 kB Progress (4): 217 kB | 46 kB | 110/134 kB | 98/358 kB Progress (4): 217 kB | 46 kB | 114/134 kB | 98/358 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.jar (217 kB at 1.0 MB/s) Progress (3): 46 kB | 114/134 kB | 102/358 kB Progress (3): 46 kB | 118/134 kB | 102/358 kB Progress (3): 46 kB | 118/134 kB | 106/358 kB Progress (3): 46 kB | 122/134 kB | 106/358 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.jar Progress (3): 46 kB | 126/134 kB | 106/358 kB Progress (3): 46 kB | 126/134 kB | 110/358 kB Progress (3): 46 kB | 126/134 kB | 114/358 kB Progress (3): 46 kB | 131/134 kB | 114/358 kB Progress (3): 46 kB | 134 kB | 114/358 kB Progress (3): 46 kB | 134 kB | 118/358 kB Progress (3): 46 kB | 134 kB | 122/358 kB Progress (3): 46 kB | 134 kB | 126/358 kB Progress (3): 46 kB | 134 kB | 131/358 kB Progress (3): 46 kB | 134 kB | 135/358 kB Progress (3): 46 kB | 134 kB | 139/358 kB Progress (3): 46 kB | 134 kB | 143/358 kB Progress (3): 46 kB | 134 kB | 147/358 kB Progress (3): 46 kB | 134 kB | 151/358 kB Progress (3): 46 kB | 134 kB | 155/358 kB Progress (3): 46 kB | 134 kB | 159/358 kB Progress (3): 46 kB | 134 kB | 163/358 kB Progress (3): 46 kB | 134 kB | 167/358 kB Progress (3): 46 kB | 134 kB | 172/358 kB Progress (3): 46 kB | 134 kB | 176/358 kB Progress (3): 46 kB | 134 kB | 180/358 kB Progress (3): 46 kB | 134 kB | 184/358 kB Progress (3): 46 kB | 134 kB | 188/358 kB Progress (3): 46 kB | 134 kB | 192/358 kB Progress (3): 46 kB | 134 kB | 196/358 kB Progress (3): 46 kB | 134 kB | 200/358 kB Progress (3): 46 kB | 134 kB | 204/358 kB Progress (3): 46 kB | 134 kB | 208/358 kB Progress (3): 46 kB | 134 kB | 213/358 kB Progress (3): 46 kB | 134 kB | 217/358 kB Progress (3): 46 kB | 134 kB | 221/358 kB Progress (3): 46 kB | 134 kB | 225/358 kB Progress (3): 46 kB | 134 kB | 229/358 kB Progress (3): 46 kB | 134 kB | 233/358 kB Progress (3): 46 kB | 134 kB | 237/358 kB Progress (3): 46 kB | 134 kB | 241/358 kB Progress (3): 46 kB | 134 kB | 245/358 kB Progress (3): 46 kB | 134 kB | 249/358 kB Progress (3): 46 kB | 134 kB | 253/358 kB Progress (3): 46 kB | 134 kB | 258/358 kB Progress (3): 46 kB | 134 kB | 262/358 kB Progress (3): 46 kB | 134 kB | 266/358 kB Progress (3): 46 kB | 134 kB | 270/358 kB Progress (3): 46 kB | 134 kB | 274/358 kB Progress (3): 46 kB | 134 kB | 278/358 kB Progress (3): 46 kB | 134 kB | 282/358 kB Progress (3): 46 kB | 134 kB | 286/358 kB Progress (3): 46 kB | 134 kB | 290/358 kB Progress (3): 46 kB | 134 kB | 294/358 kB Progress (3): 46 kB | 134 kB | 299/358 kB Progress (3): 46 kB | 134 kB | 303/358 kB Progress (3): 46 kB | 134 kB | 307/358 kB Progress (3): 46 kB | 134 kB | 311/358 kB Progress (3): 46 kB | 134 kB | 315/358 kB Progress (3): 46 kB | 134 kB | 319/358 kB Progress (3): 46 kB | 134 kB | 323/358 kB Progress (3): 46 kB | 134 kB | 327/358 kB Progress (3): 46 kB | 134 kB | 331/358 kB Progress (3): 46 kB | 134 kB | 335/358 kB Progress (3): 46 kB | 134 kB | 339/358 kB Progress (3): 46 kB | 134 kB | 344/358 kB Progress (3): 46 kB | 134 kB | 348/358 kB Progress (3): 46 kB | 134 kB | 352/358 kB Progress (3): 46 kB | 134 kB | 356/358 kB Progress (3): 46 kB | 134 kB | 358 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.jar (46 kB at 203 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.jar Downloaded from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar (358 kB at 1.6 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.jar (134 kB at 584 kB/s) Progress (1): 4.1/45 kB Progress (1): 7.7/45 kB Progress (1): 12/45 kB Progress (1): 16/45 kB Progress (1): 20/45 kB Progress (1): 24/45 kB Progress (1): 28/45 kB Progress (1): 32/45 kB Progress (1): 36/45 kB Progress (1): 40/45 kB Progress (1): 44/45 kB Progress (1): 45 kB Progress (2): 45 kB | 4.1/640 kB Progress (2): 45 kB | 7.7/640 kB Progress (2): 45 kB | 12/640 kB Progress (2): 45 kB | 16/640 kB Progress (2): 45 kB | 20/640 kB Progress (2): 45 kB | 24/640 kB Progress (2): 45 kB | 28/640 kB Progress (2): 45 kB | 32/640 kB Progress (2): 45 kB | 36/640 kB Progress (2): 45 kB | 40/640 kB Progress (2): 45 kB | 45/640 kB Progress (2): 45 kB | 49/640 kB Progress (2): 45 kB | 53/640 kB Progress (2): 45 kB | 57/640 kB Progress (2): 45 kB | 61/640 kB Progress (2): 45 kB | 65/640 kB Progress (2): 45 kB | 69/640 kB Progress (2): 45 kB | 73/640 kB Progress (2): 45 kB | 77/640 kB Progress (2): 45 kB | 81/640 kB Progress (2): 45 kB | 86/640 kB Progress (2): 45 kB | 90/640 kB Progress (2): 45 kB | 94/640 kB Progress (2): 45 kB | 98/640 kB Progress (2): 45 kB | 102/640 kB Progress (2): 45 kB | 106/640 kB Progress (2): 45 kB | 110/640 kB Progress (2): 45 kB | 114/640 kB Progress (2): 45 kB | 118/640 kB Progress (2): 45 kB | 122/640 kB Progress (2): 45 kB | 126/640 kB Progress (2): 45 kB | 131/640 kB Progress (2): 45 kB | 135/640 kB Progress (2): 45 kB | 139/640 kB Progress (2): 45 kB | 143/640 kB Progress (2): 45 kB | 147/640 kB Progress (2): 45 kB | 151/640 kB Progress (2): 45 kB | 155/640 kB Progress (2): 45 kB | 159/640 kB Progress (2): 45 kB | 163/640 kB Progress (2): 45 kB | 167/640 kB Progress (2): 45 kB | 172/640 kB Progress (2): 45 kB | 176/640 kB Progress (2): 45 kB | 180/640 kB Progress (2): 45 kB | 184/640 kB Progress (2): 45 kB | 188/640 kB Progress (2): 45 kB | 192/640 kB Progress (2): 45 kB | 196/640 kB Progress (2): 45 kB | 200/640 kB Progress (2): 45 kB | 204/640 kB Progress (2): 45 kB | 208/640 kB Progress (2): 45 kB | 213/640 kB Progress (2): 45 kB | 217/640 kB Progress (2): 45 kB | 221/640 kB Progress (2): 45 kB | 225/640 kB Progress (2): 45 kB | 229/640 kB Progress (2): 45 kB | 233/640 kB Progress (2): 45 kB | 237/640 kB Progress (2): 45 kB | 241/640 kB Progress (2): 45 kB | 245/640 kB Progress (2): 45 kB | 249/640 kB Progress (2): 45 kB | 253/640 kB Progress (2): 45 kB | 258/640 kB Progress (2): 45 kB | 262/640 kB Progress (2): 45 kB | 266/640 kB Progress (2): 45 kB | 270/640 kB Progress (2): 45 kB | 274/640 kB Progress (2): 45 kB | 278/640 kB Progress (2): 45 kB | 282/640 kB Progress (2): 45 kB | 286/640 kB Progress (2): 45 kB | 290/640 kB Progress (2): 45 kB | 294/640 kB Progress (2): 45 kB | 298/640 kB Progress (2): 45 kB | 302/640 kB Progress (2): 45 kB | 306/640 kB Progress (2): 45 kB | 310/640 kB Progress (2): 45 kB | 314/640 kB Progress (2): 45 kB | 319/640 kB Progress (2): 45 kB | 323/640 kB Progress (2): 45 kB | 327/640 kB Progress (2): 45 kB | 331/640 kB Progress (2): 45 kB | 335/640 kB Progress (2): 45 kB | 339/640 kB Progress (2): 45 kB | 343/640 kB Progress (2): 45 kB | 347/640 kB Progress (2): 45 kB | 351/640 kB Progress (2): 45 kB | 355/640 kB Progress (2): 45 kB | 359/640 kB Progress (2): 45 kB | 364/640 kB Progress (2): 45 kB | 368/640 kB Progress (2): 45 kB | 372/640 kB Progress (2): 45 kB | 376/640 kB Progress (2): 45 kB | 380/640 kB Progress (2): 45 kB | 384/640 kB Progress (2): 45 kB | 388/640 kB Progress (2): 45 kB | 392/640 kB Progress (2): 45 kB | 396/640 kB Progress (2): 45 kB | 400/640 kB Progress (2): 45 kB | 405/640 kB Progress (2): 45 kB | 409/640 kB Progress (2): 45 kB | 413/640 kB Progress (2): 45 kB | 417/640 kB Progress (2): 45 kB | 421/640 kB Progress (2): 45 kB | 425/640 kB Progress (2): 45 kB | 429/640 kB Progress (2): 45 kB | 433/640 kB Progress (2): 45 kB | 437/640 kB Progress (2): 45 kB | 441/640 kB Progress (2): 45 kB | 446/640 kB Progress (2): 45 kB | 450/640 kB Progress (2): 45 kB | 454/640 kB Progress (2): 45 kB | 458/640 kB Progress (2): 45 kB | 462/640 kB Progress (2): 45 kB | 466/640 kB Progress (2): 45 kB | 470/640 kB Progress (2): 45 kB | 474/640 kB Progress (2): 45 kB | 478/640 kB Progress (2): 45 kB | 482/640 kB Progress (2): 45 kB | 486/640 kB Progress (2): 45 kB | 491/640 kB Progress (2): 45 kB | 495/640 kB Progress (2): 45 kB | 499/640 kB Progress (2): 45 kB | 503/640 kB Progress (2): 45 kB | 507/640 kB Progress (2): 45 kB | 511/640 kB Progress (2): 45 kB | 515/640 kB Progress (2): 45 kB | 519/640 kB Progress (2): 45 kB | 523/640 kB Progress (2): 45 kB | 527/640 kB Progress (2): 45 kB | 532/640 kB Progress (2): 45 kB | 536/640 kB Progress (2): 45 kB | 540/640 kB Progress (2): 45 kB | 544/640 kB Progress (3): 45 kB | 544/640 kB | 4.1/121 kB Progress (3): 45 kB | 548/640 kB | 4.1/121 kB Progress (3): 45 kB | 552/640 kB | 4.1/121 kB Progress (3): 45 kB | 552/640 kB | 7.7/121 kB Progress (3): 45 kB | 556/640 kB | 7.7/121 kB Progress (3): 45 kB | 556/640 kB | 12/121 kB Progress (3): 45 kB | 556/640 kB | 16/121 kB Progress (3): 45 kB | 560/640 kB | 16/121 kB Progress (3): 45 kB | 564/640 kB | 16/121 kB Progress (3): 45 kB | 564/640 kB | 20/121 kB Progress (3): 45 kB | 568/640 kB | 20/121 kB Progress (3): 45 kB | 568/640 kB | 24/121 kB Progress (3): 45 kB | 572/640 kB | 24/121 kB Progress (3): 45 kB | 577/640 kB | 24/121 kB Progress (3): 45 kB | 577/640 kB | 28/121 kB Progress (3): 45 kB | 581/640 kB | 28/121 kB Progress (3): 45 kB | 581/640 kB | 32/121 kB Progress (3): 45 kB | 585/640 kB | 32/121 kB Progress (3): 45 kB | 585/640 kB | 36/121 kB Progress (3): 45 kB | 589/640 kB | 36/121 kB Progress (3): 45 kB | 589/640 kB | 40/121 kB Progress (3): 45 kB | 593/640 kB | 40/121 kB Progress (3): 45 kB | 593/640 kB | 45/121 kB Progress (3): 45 kB | 597/640 kB | 45/121 kB Progress (3): 45 kB | 597/640 kB | 49/121 kB Progress (3): 45 kB | 601/640 kB | 49/121 kB Progress (3): 45 kB | 601/640 kB | 53/121 kB Progress (3): 45 kB | 605/640 kB | 53/121 kB Progress (3): 45 kB | 605/640 kB | 57/121 kB Progress (3): 45 kB | 609/640 kB | 57/121 kB Progress (3): 45 kB | 609/640 kB | 61/121 kB Progress (3): 45 kB | 613/640 kB | 61/121 kB Progress (3): 45 kB | 613/640 kB | 65/121 kB Progress (3): 45 kB | 618/640 kB | 65/121 kB Progress (3): 45 kB | 618/640 kB | 69/121 kB Progress (3): 45 kB | 622/640 kB | 69/121 kB Progress (3): 45 kB | 622/640 kB | 73/121 kB Progress (3): 45 kB | 626/640 kB | 73/121 kB Progress (3): 45 kB | 630/640 kB | 73/121 kB Progress (3): 45 kB | 630/640 kB | 77/121 kB Progress (3): 45 kB | 634/640 kB | 77/121 kB Progress (3): 45 kB | 634/640 kB | 81/121 kB Progress (3): 45 kB | 638/640 kB | 81/121 kB Progress (3): 45 kB | 638/640 kB | 86/121 kB Progress (3): 45 kB | 638/640 kB | 90/121 kB Progress (3): 45 kB | 640 kB | 90/121 kB Progress (3): 45 kB | 640 kB | 94/121 kB Progress (3): 45 kB | 640 kB | 98/121 kB Progress (3): 45 kB | 640 kB | 102/121 kB Progress (3): 45 kB | 640 kB | 106/121 kB Progress (3): 45 kB | 640 kB | 110/121 kB Progress (3): 45 kB | 640 kB | 114/121 kB Progress (3): 45 kB | 640 kB | 118/121 kB Progress (3): 45 kB | 640 kB | 121 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar (45 kB at 178 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.jar (121 kB at 469 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.jar (640 kB at 2.5 MB/s) [INFO] Changes detected - recompiling the module! [WARNING] File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent! [INFO] Compiling 1 source file to /work/target/classes [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ simple-java-project --- [WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent! [INFO] skip non existing resourceDirectory /work/src/test/resources [INFO] [INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @ simple-java-project --- [INFO] No sources to compile [INFO] [INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.pom (3.0 kB at 55 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.pom (2.5 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.pom Progress (1): 4.1 kB Progress (1): 5.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.pom (5.5 kB at 142 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.pom (1.6 kB at 42 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-tools/3.1/maven-plugin-tools-3.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-tools/3.1/maven-plugin-tools-3.1.pom (16 kB at 437 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.pom (1.8 kB at 55 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.9/maven-reporting-2.0.9.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.9/maven-reporting-2.0.9.pom (1.5 kB at 37 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.pom Progress (1): 3.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.pom (3.5 kB at 116 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.pom (17 kB at 363 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/22/commons-parent-22.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 42 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/22/commons-parent-22.pom (42 kB at 838 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/9/apache-9.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/9/apache-9.pom (15 kB at 433 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.pom (3.7 kB at 106 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/12/maven-shared-components-12.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 9.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/12/maven-shared-components-12.pom (9.3 kB at 275 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/13/maven-parent-13.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 23 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/13/maven-parent-13.pom (23 kB at 754 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/6/apache-6.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/6/apache-6.pom (13 kB at 355 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9/plexus-container-default-1.0-alpha-9.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9/plexus-container-default-1.0-alpha-9.pom (1.2 kB at 40 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.jar Progress (1): 4.1/35 kB Progress (2): 4.1/35 kB | 4.1/316 kB Progress (2): 7.7/35 kB | 4.1/316 kB Progress (2): 7.7/35 kB | 7.7/316 kB Progress (2): 12/35 kB | 7.7/316 kB Progress (2): 12/35 kB | 12/316 kB Progress (2): 16/35 kB | 12/316 kB Progress (3): 16/35 kB | 12/316 kB | 4.1/118 kB Progress (3): 16/35 kB | 16/316 kB | 4.1/118 kB Progress (3): 20/35 kB | 16/316 kB | 4.1/118 kB Progress (3): 24/35 kB | 16/316 kB | 4.1/118 kB Progress (3): 28/35 kB | 16/316 kB | 4.1/118 kB Progress (3): 28/35 kB | 20/316 kB | 4.1/118 kB Progress (3): 32/35 kB | 20/316 kB | 4.1/118 kB Progress (3): 32/35 kB | 24/316 kB | 4.1/118 kB Progress (3): 32/35 kB | 24/316 kB | 7.7/118 kB Progress (3): 32/35 kB | 28/316 kB | 7.7/118 kB Progress (3): 35 kB | 28/316 kB | 7.7/118 kB Progress (3): 35 kB | 32/316 kB | 7.7/118 kB Progress (3): 35 kB | 32/316 kB | 12/118 kB Progress (3): 35 kB | 36/316 kB | 12/118 kB Progress (3): 35 kB | 36/316 kB | 16/118 kB Progress (3): 35 kB | 40/316 kB | 16/118 kB Progress (3): 35 kB | 40/316 kB | 20/118 kB Progress (3): 35 kB | 45/316 kB | 20/118 kB Progress (3): 35 kB | 45/316 kB | 24/118 kB Progress (3): 35 kB | 49/316 kB | 24/118 kB Progress (3): 35 kB | 49/316 kB | 28/118 kB Progress (3): 35 kB | 53/316 kB | 28/118 kB Progress (3): 35 kB | 53/316 kB | 32/118 kB Progress (3): 35 kB | 57/316 kB | 32/118 kB Progress (3): 35 kB | 57/316 kB | 36/118 kB Progress (3): 35 kB | 57/316 kB | 40/118 kB Progress (3): 35 kB | 57/316 kB | 45/118 kB Progress (3): 35 kB | 57/316 kB | 49/118 kB Progress (3): 35 kB | 57/316 kB | 53/118 kB Progress (3): 35 kB | 61/316 kB | 53/118 kB Progress (3): 35 kB | 61/316 kB | 57/118 kB Progress (3): 35 kB | 65/316 kB | 57/118 kB Progress (3): 35 kB | 69/316 kB | 57/118 kB Progress (3): 35 kB | 73/316 kB | 57/118 kB Progress (3): 35 kB | 73/316 kB | 61/118 kB Progress (3): 35 kB | 73/316 kB | 65/118 kB Progress (3): 35 kB | 73/316 kB | 69/118 kB Progress (3): 35 kB | 73/316 kB | 73/118 kB Progress (3): 35 kB | 73/316 kB | 77/118 kB Progress (3): 35 kB | 73/316 kB | 81/118 kB Progress (3): 35 kB | 73/316 kB | 86/118 kB Progress (3): 35 kB | 73/316 kB | 90/118 kB Progress (3): 35 kB | 73/316 kB | 94/118 kB Progress (3): 35 kB | 73/316 kB | 98/118 kB Progress (3): 35 kB | 73/316 kB | 102/118 kB Progress (3): 35 kB | 73/316 kB | 106/118 kB Progress (3): 35 kB | 73/316 kB | 110/118 kB Progress (3): 35 kB | 73/316 kB | 114/118 kB Progress (3): 35 kB | 77/316 kB | 114/118 kB Progress (3): 35 kB | 77/316 kB | 118 kB Progress (3): 35 kB | 81/316 kB | 118 kB Progress (3): 35 kB | 86/316 kB | 118 kB Progress (3): 35 kB | 90/316 kB | 118 kB Progress (3): 35 kB | 94/316 kB | 118 kB Progress (3): 35 kB | 98/316 kB | 118 kB Progress (3): 35 kB | 102/316 kB | 118 kB Progress (3): 35 kB | 106/316 kB | 118 kB Progress (3): 35 kB | 110/316 kB | 118 kB Progress (3): 35 kB | 114/316 kB | 118 kB Progress (3): 35 kB | 118/316 kB | 118 kB Progress (3): 35 kB | 122/316 kB | 118 kB Progress (3): 35 kB | 126/316 kB | 118 kB Progress (3): 35 kB | 131/316 kB | 118 kB Progress (3): 35 kB | 135/316 kB | 118 kB Progress (3): 35 kB | 139/316 kB | 118 kB Progress (3): 35 kB | 143/316 kB | 118 kB Progress (3): 35 kB | 147/316 kB | 118 kB Progress (3): 35 kB | 151/316 kB | 118 kB Progress (3): 35 kB | 155/316 kB | 118 kB Progress (3): 35 kB | 159/316 kB | 118 kB Progress (3): 35 kB | 163/316 kB | 118 kB Progress (3): 35 kB | 167/316 kB | 118 kB Progress (3): 35 kB | 172/316 kB | 118 kB Progress (3): 35 kB | 176/316 kB | 118 kB Progress (3): 35 kB | 180/316 kB | 118 kB Progress (3): 35 kB | 184/316 kB | 118 kB Progress (3): 35 kB | 188/316 kB | 118 kB Progress (3): 35 kB | 192/316 kB | 118 kB Progress (3): 35 kB | 196/316 kB | 118 kB Progress (3): 35 kB | 200/316 kB | 118 kB Progress (3): 35 kB | 204/316 kB | 118 kB Progress (3): 35 kB | 208/316 kB | 118 kB Progress (3): 35 kB | 213/316 kB | 118 kB Progress (3): 35 kB | 217/316 kB | 118 kB Progress (3): 35 kB | 221/316 kB | 118 kB Progress (3): 35 kB | 225/316 kB | 118 kB Progress (3): 35 kB | 229/316 kB | 118 kB Progress (3): 35 kB | 233/316 kB | 118 kB Progress (3): 35 kB | 237/316 kB | 118 kB Progress (3): 35 kB | 241/316 kB | 118 kB Progress (3): 35 kB | 245/316 kB | 118 kB Progress (3): 35 kB | 249/316 kB | 118 kB Progress (3): 35 kB | 253/316 kB | 118 kB Progress (3): 35 kB | 258/316 kB | 118 kB Progress (3): 35 kB | 262/316 kB | 118 kB Progress (3): 35 kB | 266/316 kB | 118 kB Progress (3): 35 kB | 270/316 kB | 118 kB Progress (3): 35 kB | 274/316 kB | 118 kB Progress (3): 35 kB | 278/316 kB | 118 kB Progress (3): 35 kB | 282/316 kB | 118 kB Progress (3): 35 kB | 286/316 kB | 118 kB Progress (3): 35 kB | 290/316 kB | 118 kB Progress (3): 35 kB | 294/316 kB | 118 kB Progress (3): 35 kB | 299/316 kB | 118 kB Progress (3): 35 kB | 303/316 kB | 118 kB Progress (3): 35 kB | 307/316 kB | 118 kB Progress (3): 35 kB | 311/316 kB | 118 kB Progress (3): 35 kB | 315/316 kB | 118 kB Progress (3): 35 kB | 316 kB | 118 kB Progress (4): 35 kB | 316 kB | 118 kB | 4.1/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 7.7/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 12/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 16/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 20/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 24/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 28/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 32/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 36/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 40/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 45/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 49/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 53/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 57/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 61/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 65/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 69/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 73/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 77/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 81/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 85/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 89/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 93/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 98/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 102/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 106/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 110/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 114/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 118/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 122/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 126/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 130/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 134/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 139/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 143/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 147/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 151/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 155/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 159/263 kB Progress (4): 35 kB | 316 kB | 118 kB | 163/263 kB Progress (5): 35 kB | 316 kB | 118 kB | 163/263 kB | 4.1/31 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar (35 kB at 991 kB/s) Progress (4): 316 kB | 118 kB | 163/263 kB | 7.5/31 kB Progress (4): 316 kB | 118 kB | 167/263 kB | 7.5/31 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar Progress (4): 316 kB | 118 kB | 171/263 kB | 7.5/31 kB Progress (4): 316 kB | 118 kB | 171/263 kB | 12/31 kB Progress (4): 316 kB | 118 kB | 175/263 kB | 12/31 kB Progress (4): 316 kB | 118 kB | 175/263 kB | 16/31 kB Progress (4): 316 kB | 118 kB | 179/263 kB | 16/31 kB Progress (4): 316 kB | 118 kB | 179/263 kB | 20/31 kB Progress (4): 316 kB | 118 kB | 184/263 kB | 20/31 kB Progress (4): 316 kB | 118 kB | 184/263 kB | 24/31 kB Progress (4): 316 kB | 118 kB | 188/263 kB | 24/31 kB Progress (4): 316 kB | 118 kB | 188/263 kB | 28/31 kB Progress (4): 316 kB | 118 kB | 192/263 kB | 28/31 kB Progress (4): 316 kB | 118 kB | 192/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 196/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 200/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 204/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 208/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 212/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 216/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 220/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 225/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 229/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 233/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 237/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 241/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 245/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 249/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 253/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 257/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 261/263 kB | 31 kB Progress (4): 316 kB | 118 kB | 263 kB | 31 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar (118 kB at 3.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar (316 kB at 7.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.jar Progress (3): 263 kB | 31 kB | 4.1/232 kB Progress (3): 263 kB | 31 kB | 7.7/232 kB Progress (3): 263 kB | 31 kB | 12/232 kB Progress (3): 263 kB | 31 kB | 16/232 kB Progress (3): 263 kB | 31 kB | 20/232 kB Progress (3): 263 kB | 31 kB | 24/232 kB Progress (3): 263 kB | 31 kB | 28/232 kB Progress (3): 263 kB | 31 kB | 32/232 kB Progress (3): 263 kB | 31 kB | 36/232 kB Progress (3): 263 kB | 31 kB | 40/232 kB Progress (3): 263 kB | 31 kB | 45/232 kB Progress (3): 263 kB | 31 kB | 49/232 kB Progress (3): 263 kB | 31 kB | 53/232 kB Progress (3): 263 kB | 31 kB | 57/232 kB Progress (3): 263 kB | 31 kB | 61/232 kB Progress (3): 263 kB | 31 kB | 65/232 kB Progress (3): 263 kB | 31 kB | 69/232 kB Progress (3): 263 kB | 31 kB | 73/232 kB Progress (3): 263 kB | 31 kB | 77/232 kB Progress (3): 263 kB | 31 kB | 81/232 kB Progress (3): 263 kB | 31 kB | 86/232 kB Progress (3): 263 kB | 31 kB | 90/232 kB Progress (3): 263 kB | 31 kB | 94/232 kB Progress (3): 263 kB | 31 kB | 98/232 kB Progress (3): 263 kB | 31 kB | 102/232 kB Progress (3): 263 kB | 31 kB | 106/232 kB Progress (3): 263 kB | 31 kB | 110/232 kB Progress (3): 263 kB | 31 kB | 114/232 kB Progress (3): 263 kB | 31 kB | 118/232 kB Progress (3): 263 kB | 31 kB | 122/232 kB Progress (3): 263 kB | 31 kB | 126/232 kB Progress (3): 263 kB | 31 kB | 131/232 kB Progress (3): 263 kB | 31 kB | 135/232 kB Progress (3): 263 kB | 31 kB | 139/232 kB Progress (3): 263 kB | 31 kB | 143/232 kB Progress (3): 263 kB | 31 kB | 147/232 kB Progress (3): 263 kB | 31 kB | 151/232 kB Progress (3): 263 kB | 31 kB | 155/232 kB Progress (3): 263 kB | 31 kB | 159/232 kB Progress (3): 263 kB | 31 kB | 163/232 kB Progress (3): 263 kB | 31 kB | 167/232 kB Progress (3): 263 kB | 31 kB | 172/232 kB Progress (3): 263 kB | 31 kB | 176/232 kB Progress (3): 263 kB | 31 kB | 180/232 kB Progress (3): 263 kB | 31 kB | 184/232 kB Progress (3): 263 kB | 31 kB | 188/232 kB Progress (3): 263 kB | 31 kB | 192/232 kB Progress (3): 263 kB | 31 kB | 196/232 kB Progress (3): 263 kB | 31 kB | 200/232 kB Progress (3): 263 kB | 31 kB | 204/232 kB Progress (3): 263 kB | 31 kB | 208/232 kB Progress (3): 263 kB | 31 kB | 213/232 kB Progress (3): 263 kB | 31 kB | 217/232 kB Progress (3): 263 kB | 31 kB | 221/232 kB Progress (3): 263 kB | 31 kB | 225/232 kB Progress (3): 263 kB | 31 kB | 229/232 kB Progress (3): 263 kB | 31 kB | 232 kB Progress (4): 263 kB | 31 kB | 232 kB | 4.1/10 kB Progress (4): 263 kB | 31 kB | 232 kB | 7.7/10 kB Progress (4): 263 kB | 31 kB | 232 kB | 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.jar (31 kB at 536 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar (263 kB at 4.5 MB/s) Progress (3): 232 kB | 10 kB | 4.1/38 kB Progress (3): 232 kB | 10 kB | 7.7/38 kB Progress (3): 232 kB | 10 kB | 12/38 kB Progress (3): 232 kB | 10 kB | 16/38 kB Progress (3): 232 kB | 10 kB | 20/38 kB Progress (3): 232 kB | 10 kB | 24/38 kB Progress (3): 232 kB | 10 kB | 28/38 kB Progress (3): 232 kB | 10 kB | 32/38 kB Progress (3): 232 kB | 10 kB | 36/38 kB Progress (3): 232 kB | 10 kB | 38 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar (232 kB at 3.6 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.jar (10 kB at 143 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.jar (38 kB at 481 kB/s) Progress (1): 4.1/14 kB Progress (1): 7.7/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.jar (14 kB at 135 kB/s) [INFO] Tests are skipped. [INFO] [INFO] --- maven-jar-plugin:3.3.0:jar (default-jar) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.pom Progress (1): 4.1 kB Progress (1): 4.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.pom (4.5 kB at 93 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/36/maven-shared-components-36.pom Progress (1): 4.1 kB Progress (1): 4.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/36/maven-shared-components-36.pom (4.9 kB at 61 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/36/maven-parent-36.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 45 kB Progress (1): 45 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/36/maven-parent-36.pom (45 kB at 798 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/26/apache-26.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 21 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/26/apache-26.pom (21 kB at 380 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.pom (2.7 kB at 53 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.36/slf4j-parent-1.7.36.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.36/slf4j-parent-1.7.36.pom (14 kB at 288 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.pom Progress (1): 4.1 kB Progress (1): 5.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.pom (5.2 kB at 89 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/5.1/plexus-5.1.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 23 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/5.1/plexus-5.1.pom (23 kB at 388 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.pom (20 kB at 318 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/52/commons-parent-52.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 45 kB Progress (1): 49 kB Progress (1): 53 kB Progress (1): 57 kB Progress (1): 61 kB Progress (1): 66 kB Progress (1): 70 kB Progress (1): 74 kB Progress (1): 78 kB Progress (1): 79 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/52/commons-parent-52.pom (79 kB at 991 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/junit/junit-bom/5.7.2/junit-bom-5.7.2.pom Progress (1): 4.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/junit/junit-bom/5.7.2/junit-bom-5.7.2.pom (5.1 kB at 71 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.pom (3.9 kB at 61 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.pom Progress (1): 4.1 kB Progress (1): 6.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.pom (6.0 kB at 82 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/10/plexus-10.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/10/plexus-10.pom (25 kB at 368 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.pom Progress (1): 612 B Downloaded from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.pom (612 B at 11 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.pom Progress (1): 4.1 kB Progress (1): 6.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.pom (6.3 kB at 60 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.pom (20 kB at 259 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.pom (15 kB at 246 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.pom (2.0 kB at 32 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.pom (2.7 kB at 52 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 8.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.pom (8.2 kB at 130 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/8/plexus-8.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/8/plexus-8.pom (25 kB at 410 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.jar Progress (1): 4.1/327 kB Progress (1): 7.7/327 kB Progress (1): 12/327 kB Progress (1): 16/327 kB Progress (1): 20/327 kB Progress (1): 24/327 kB Progress (1): 28/327 kB Progress (1): 32/327 kB Progress (1): 36/327 kB Progress (1): 40/327 kB Progress (1): 44/327 kB Progress (1): 48/327 kB Progress (1): 53/327 kB Progress (1): 57/327 kB Progress (1): 61/327 kB Progress (1): 65/327 kB Progress (1): 69/327 kB Progress (1): 73/327 kB Progress (1): 77/327 kB Progress (1): 81/327 kB Progress (1): 85/327 kB Progress (1): 89/327 kB Progress (1): 93/327 kB Progress (1): 98/327 kB Progress (1): 102/327 kB Progress (1): 106/327 kB Progress (1): 110/327 kB Progress (1): 114/327 kB Progress (1): 118/327 kB Progress (1): 122/327 kB Progress (1): 126/327 kB Progress (2): 126/327 kB | 4.1/26 kB Progress (2): 130/327 kB | 4.1/26 kB Progress (2): 130/327 kB | 7.7/26 kB Progress (2): 130/327 kB | 12/26 kB Progress (2): 134/327 kB | 12/26 kB Progress (2): 139/327 kB | 12/26 kB Progress (2): 139/327 kB | 16/26 kB Progress (2): 143/327 kB | 16/26 kB Progress (2): 143/327 kB | 20/26 kB Progress (2): 147/327 kB | 20/26 kB Progress (2): 147/327 kB | 24/26 kB Progress (2): 147/327 kB | 26 kB Progress (2): 151/327 kB | 26 kB Progress (2): 155/327 kB | 26 kB Progress (2): 159/327 kB | 26 kB Progress (2): 163/327 kB | 26 kB Progress (2): 167/327 kB | 26 kB Progress (2): 171/327 kB | 26 kB Progress (2): 175/327 kB | 26 kB Progress (2): 179/327 kB | 26 kB Progress (3): 179/327 kB | 26 kB | 4.1/41 kB Progress (3): 184/327 kB | 26 kB | 4.1/41 kB Progress (3): 188/327 kB | 26 kB | 4.1/41 kB Progress (3): 188/327 kB | 26 kB | 7.7/41 kB Progress (3): 192/327 kB | 26 kB | 7.7/41 kB Progress (3): 196/327 kB | 26 kB | 7.7/41 kB Progress (3): 196/327 kB | 26 kB | 12/41 kB Progress (3): 196/327 kB | 26 kB | 16/41 kB Progress (3): 200/327 kB | 26 kB | 16/41 kB Progress (3): 204/327 kB | 26 kB | 16/41 kB Progress (3): 208/327 kB | 26 kB | 16/41 kB Progress (3): 212/327 kB | 26 kB | 16/41 kB Progress (3): 212/327 kB | 26 kB | 20/41 kB Progress (3): 212/327 kB | 26 kB | 24/41 kB Progress (3): 216/327 kB | 26 kB | 24/41 kB Progress (3): 216/327 kB | 26 kB | 28/41 kB Progress (3): 220/327 kB | 26 kB | 28/41 kB Progress (3): 220/327 kB | 26 kB | 32/41 kB Progress (3): 225/327 kB | 26 kB | 32/41 kB Progress (3): 229/327 kB | 26 kB | 32/41 kB Progress (3): 229/327 kB | 26 kB | 36/41 kB Progress (3): 229/327 kB | 26 kB | 40/41 kB Progress (3): 233/327 kB | 26 kB | 40/41 kB Progress (3): 233/327 kB | 26 kB | 41 kB Progress (3): 237/327 kB | 26 kB | 41 kB Progress (3): 241/327 kB | 26 kB | 41 kB Progress (3): 245/327 kB | 26 kB | 41 kB Progress (3): 249/327 kB | 26 kB | 41 kB Progress (3): 253/327 kB | 26 kB | 41 kB Progress (3): 257/327 kB | 26 kB | 41 kB Progress (3): 261/327 kB | 26 kB | 41 kB Progress (3): 266/327 kB | 26 kB | 41 kB Progress (3): 270/327 kB | 26 kB | 41 kB Progress (3): 274/327 kB | 26 kB | 41 kB Progress (3): 278/327 kB | 26 kB | 41 kB Progress (3): 282/327 kB | 26 kB | 41 kB Progress (3): 286/327 kB | 26 kB | 41 kB Progress (3): 290/327 kB | 26 kB | 41 kB Progress (3): 294/327 kB | 26 kB | 41 kB Progress (3): 298/327 kB | 26 kB | 41 kB Progress (3): 302/327 kB | 26 kB | 41 kB Progress (3): 306/327 kB | 26 kB | 41 kB Progress (3): 311/327 kB | 26 kB | 41 kB Progress (3): 315/327 kB | 26 kB | 41 kB Progress (3): 319/327 kB | 26 kB | 41 kB Progress (3): 323/327 kB | 26 kB | 41 kB Progress (3): 327/327 kB | 26 kB | 41 kB Progress (3): 327 kB | 26 kB | 41 kB Progress (4): 327 kB | 26 kB | 41 kB | 4.1/36 kB Progress (4): 327 kB | 26 kB | 41 kB | 7.7/36 kB Progress (4): 327 kB | 26 kB | 41 kB | 12/36 kB Progress (4): 327 kB | 26 kB | 41 kB | 16/36 kB Progress (4): 327 kB | 26 kB | 41 kB | 20/36 kB Progress (5): 327 kB | 26 kB | 41 kB | 20/36 kB | 4.1/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 24/36 kB | 4.1/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 24/36 kB | 7.7/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 28/36 kB | 7.7/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 28/36 kB | 12/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 32/36 kB | 12/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 32/36 kB | 16/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36/36 kB | 16/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36/36 kB | 20/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 20/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 24/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 28/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 32/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 36/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 40/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 44/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 48/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 53/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 57/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 61/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 65/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 69/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 73/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 77/79 kB Progress (5): 327 kB | 26 kB | 41 kB | 36 kB | 79 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.jar (26 kB at 875 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar (41 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar (327 kB at 8.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.jar (79 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.jar Progress (2): 36 kB | 2.5 kB Progress (3): 36 kB | 2.5 kB | 4.1/211 kB Progress (3): 36 kB | 2.5 kB | 7.7/211 kB Progress (3): 36 kB | 2.5 kB | 12/211 kB Progress (3): 36 kB | 2.5 kB | 16/211 kB Progress (3): 36 kB | 2.5 kB | 20/211 kB Progress (3): 36 kB | 2.5 kB | 24/211 kB Progress (3): 36 kB | 2.5 kB | 28/211 kB Progress (3): 36 kB | 2.5 kB | 32/211 kB Progress (3): 36 kB | 2.5 kB | 36/211 kB Progress (3): 36 kB | 2.5 kB | 40/211 kB Progress (4): 36 kB | 2.5 kB | 40/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 45/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 49/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 53/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 53/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 57/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 61/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 61/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 65/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 69/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 69/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 73/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 77/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 81/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 86/211 kB | 0/1.0 MB Progress (4): 36 kB | 2.5 kB | 86/211 kB | 0/1.0 MB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.jar (36 kB at 661 kB/s) Progress (3): 2.5 kB | 90/211 kB | 0/1.0 MB Progress (3): 2.5 kB | 90/211 kB | 0/1.0 MB Downloading from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.jar Progress (3): 2.5 kB | 94/211 kB | 0/1.0 MB Progress (3): 2.5 kB | 98/211 kB | 0/1.0 MB Progress (3): 2.5 kB | 98/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 102/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 102/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 106/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 106/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 110/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 110/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 114/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 118/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 122/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 122/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 126/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 126/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 131/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 135/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 139/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 139/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 139/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 143/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 143/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 147/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 151/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 155/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 155/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 155/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 159/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 163/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 167/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 167/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 172/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 172/211 kB | 0.1/1.0 MB Progress (3): 2.5 kB | 172/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 172/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 172/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 176/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 176/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 180/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 184/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 184/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 188/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 188/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 192/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 192/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 196/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 196/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 200/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 204/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 204/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 208/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 208/211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.2/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.3/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Progress (3): 2.5 kB | 211 kB | 0.4/1.0 MB Downloaded from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.jar (2.5 kB at 42 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.jar Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.4/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.5/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.6/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.7/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.8/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 0.9/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0/1.0 MB Progress (2): 211 kB | 1.0 MB Progress (3): 211 kB | 1.0 MB | 4.1/58 kB Progress (3): 211 kB | 1.0 MB | 7.7/58 kB Progress (3): 211 kB | 1.0 MB | 12/58 kB Progress (3): 211 kB | 1.0 MB | 16/58 kB Progress (3): 211 kB | 1.0 MB | 20/58 kB Progress (3): 211 kB | 1.0 MB | 24/58 kB Progress (3): 211 kB | 1.0 MB | 28/58 kB Progress (3): 211 kB | 1.0 MB | 32/58 kB Progress (3): 211 kB | 1.0 MB | 36/58 kB Progress (3): 211 kB | 1.0 MB | 40/58 kB Progress (3): 211 kB | 1.0 MB | 44/58 kB Progress (3): 211 kB | 1.0 MB | 48/58 kB Progress (3): 211 kB | 1.0 MB | 52/58 kB Progress (3): 211 kB | 1.0 MB | 57/58 kB Progress (3): 211 kB | 1.0 MB | 58 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.jar (211 kB at 2.9 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.jar Progress (3): 1.0 MB | 58 kB | 4.1/85 kB Progress (3): 1.0 MB | 58 kB | 7.7/85 kB Progress (3): 1.0 MB | 58 kB | 12/85 kB Progress (3): 1.0 MB | 58 kB | 16/85 kB Progress (3): 1.0 MB | 58 kB | 20/85 kB Progress (3): 1.0 MB | 58 kB | 24/85 kB Progress (3): 1.0 MB | 58 kB | 28/85 kB Progress (3): 1.0 MB | 58 kB | 32/85 kB Progress (3): 1.0 MB | 58 kB | 36/85 kB Progress (3): 1.0 MB | 58 kB | 40/85 kB Progress (3): 1.0 MB | 58 kB | 44/85 kB Progress (3): 1.0 MB | 58 kB | 48/85 kB Progress (3): 1.0 MB | 58 kB | 53/85 kB Progress (3): 1.0 MB | 58 kB | 57/85 kB Progress (3): 1.0 MB | 58 kB | 61/85 kB Progress (3): 1.0 MB | 58 kB | 65/85 kB Progress (3): 1.0 MB | 58 kB | 69/85 kB Progress (3): 1.0 MB | 58 kB | 73/85 kB Progress (3): 1.0 MB | 58 kB | 77/85 kB Progress (3): 1.0 MB | 58 kB | 81/85 kB Progress (3): 1.0 MB | 58 kB | 85/85 kB Progress (3): 1.0 MB | 58 kB | 85 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar (1.0 MB at 13 MB/s) Progress (3): 58 kB | 85 kB | 4.1/116 kB Progress (3): 58 kB | 85 kB | 7.7/116 kB Progress (3): 58 kB | 85 kB | 12/116 kB Progress (3): 58 kB | 85 kB | 16/116 kB Progress (3): 58 kB | 85 kB | 20/116 kB Progress (3): 58 kB | 85 kB | 24/116 kB Progress (3): 58 kB | 85 kB | 28/116 kB Progress (3): 58 kB | 85 kB | 32/116 kB Progress (3): 58 kB | 85 kB | 36/116 kB Progress (3): 58 kB | 85 kB | 40/116 kB Progress (3): 58 kB | 85 kB | 45/116 kB Progress (3): 58 kB | 85 kB | 49/116 kB Progress (3): 58 kB | 85 kB | 53/116 kB Progress (3): 58 kB | 85 kB | 57/116 kB Progress (3): 58 kB | 85 kB | 61/116 kB Progress (3): 58 kB | 85 kB | 65/116 kB Progress (3): 58 kB | 85 kB | 69/116 kB Progress (3): 58 kB | 85 kB | 73/116 kB Progress (3): 58 kB | 85 kB | 77/116 kB Progress (3): 58 kB | 85 kB | 81/116 kB Progress (3): 58 kB | 85 kB | 86/116 kB Progress (3): 58 kB | 85 kB | 90/116 kB Progress (3): 58 kB | 85 kB | 94/116 kB Progress (3): 58 kB | 85 kB | 98/116 kB Progress (3): 58 kB | 85 kB | 102/116 kB Progress (3): 58 kB | 85 kB | 106/116 kB Progress (3): 58 kB | 85 kB | 110/116 kB Progress (3): 58 kB | 85 kB | 114/116 kB Progress (3): 58 kB | 85 kB | 116 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.jar (85 kB at 959 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.jar (58 kB at 623 kB/s) Progress (2): 116 kB | 4.1/267 kB Progress (2): 116 kB | 7.7/267 kB Progress (2): 116 kB | 12/267 kB Progress (2): 116 kB | 16/267 kB Progress (2): 116 kB | 20/267 kB Progress (2): 116 kB | 24/267 kB Progress (2): 116 kB | 28/267 kB Progress (2): 116 kB | 32/267 kB Progress (2): 116 kB | 36/267 kB Progress (2): 116 kB | 40/267 kB Progress (2): 116 kB | 45/267 kB Progress (2): 116 kB | 49/267 kB Progress (2): 116 kB | 53/267 kB Progress (2): 116 kB | 57/267 kB Progress (2): 116 kB | 61/267 kB Progress (2): 116 kB | 65/267 kB Progress (2): 116 kB | 69/267 kB Progress (2): 116 kB | 73/267 kB Progress (2): 116 kB | 77/267 kB Progress (2): 116 kB | 81/267 kB Progress (2): 116 kB | 86/267 kB Progress (2): 116 kB | 90/267 kB Progress (2): 116 kB | 94/267 kB Progress (2): 116 kB | 98/267 kB Progress (2): 116 kB | 102/267 kB Progress (2): 116 kB | 106/267 kB Progress (2): 116 kB | 110/267 kB Progress (2): 116 kB | 114/267 kB Progress (2): 116 kB | 118/267 kB Progress (2): 116 kB | 122/267 kB Progress (2): 116 kB | 126/267 kB Progress (2): 116 kB | 131/267 kB Progress (2): 116 kB | 135/267 kB Progress (2): 116 kB | 139/267 kB Progress (2): 116 kB | 143/267 kB Progress (2): 116 kB | 147/267 kB Progress (2): 116 kB | 151/267 kB Progress (2): 116 kB | 155/267 kB Progress (2): 116 kB | 159/267 kB Progress (2): 116 kB | 163/267 kB Progress (2): 116 kB | 167/267 kB Progress (2): 116 kB | 172/267 kB Progress (2): 116 kB | 176/267 kB Progress (2): 116 kB | 180/267 kB Progress (2): 116 kB | 184/267 kB Progress (2): 116 kB | 188/267 kB Progress (2): 116 kB | 192/267 kB Progress (2): 116 kB | 196/267 kB Progress (2): 116 kB | 200/267 kB Progress (2): 116 kB | 204/267 kB Progress (2): 116 kB | 208/267 kB Progress (2): 116 kB | 213/267 kB Progress (2): 116 kB | 217/267 kB Progress (2): 116 kB | 221/267 kB Progress (2): 116 kB | 225/267 kB Progress (2): 116 kB | 229/267 kB Progress (2): 116 kB | 233/267 kB Progress (2): 116 kB | 237/267 kB Progress (2): 116 kB | 241/267 kB Progress (2): 116 kB | 245/267 kB Progress (2): 116 kB | 249/267 kB Progress (2): 116 kB | 253/267 kB Progress (2): 116 kB | 257/267 kB Progress (2): 116 kB | 261/267 kB Progress (2): 116 kB | 265/267 kB Progress (2): 116 kB | 267 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.jar (116 kB at 1.1 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.jar (267 kB at 2.3 MB/s) [INFO] Building jar: /work/target/hacbs-test.jar [INFO] [INFO] --- maven-shade-plugin:3.2.4:shade (default) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.pom (2.3 kB at 48 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/3.0/maven-3.0.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/3.0/maven-3.0.pom (22 kB at 576 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/15/maven-parent-15.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 24 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/15/maven-parent-15.pom (24 kB at 533 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.pom (3.9 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.pom (3.3 kB at 74 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.pom (1.9 kB at 36 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.pom Progress (1): 4.1 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.pom (5.4 kB at 114 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-plexus/1.4.2/guice-plexus-1.4.2.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-plexus/1.4.2/guice-plexus-1.4.2.pom (3.1 kB at 64 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-bean/1.4.2/guice-bean-1.4.2.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-bean/1.4.2/guice-bean-1.4.2.pom (2.6 kB at 55 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject/1.4.2/sisu-inject-1.4.2.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject/1.4.2/sisu-inject-1.4.2.pom (1.2 kB at 22 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-parent/1.4.2/sisu-parent-1.4.2.pom Progress (1): 4.1 kB Progress (1): 7.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-parent/1.4.2/sisu-parent-1.4.2.pom (7.8 kB at 165 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/6/forge-parent-6.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/6/forge-parent-6.pom (11 kB at 199 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.pom Progress (1): 750 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.pom (750 B at 18 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/2.0.0/plexus-containers-2.0.0.pom Progress (1): 4.1 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/2.0.0/plexus-containers-2.0.0.pom (4.8 kB at 100 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.pom (4.0 kB at 93 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.pom Progress (1): 4.1 kB Progress (1): 5.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.pom (5.5 kB at 99 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7.pom (11 kB at 221 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.pom Progress (1): 4.1 kB Progress (1): 6.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.pom (6.6 kB at 147 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.pom (1.9 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.pom (2.2 kB at 46 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.pom Progress (1): 910 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.pom (910 B at 19 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.18/plexus-components-1.1.18.pom Progress (1): 4.1 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.18/plexus-components-1.1.18.pom (5.4 kB at 107 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.pom (1.9 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.pom (2.2 kB at 44 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.pom (2.5 kB at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.pom (1.7 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-parent/1.7/aether-parent-1.7.pom Progress (1): 4.1 kB Progress (1): 7.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-parent/1.7/aether-parent-1.7.pom (7.7 kB at 172 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.pom (2.1 kB at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.pom (3.7 kB at 72 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.pom (1.7 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.pom (11 kB at 274 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/33/maven-shared-components-33.pom Progress (1): 4.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/33/maven-shared-components-33.pom (5.1 kB at 127 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/33/maven-parent-33.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 44 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/33/maven-parent-33.pom (44 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/21/apache-21.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/21/apache-21.pom (17 kB at 364 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.pom Progress (1): 4.1 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.pom (4.8 kB at 99 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/30/maven-shared-components-30.pom Progress (1): 4.1 kB Progress (1): 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/30/maven-shared-components-30.pom (4.6 kB at 92 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/30/maven-parent-30.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 41 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/30/maven-parent-30.pom (41 kB at 918 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/18/apache-18.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/18/apache-18.pom (16 kB at 341 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.pom Progress (1): 4.1 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.pom (5.0 kB at 119 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.5/commons-io-2.5.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.5/commons-io-2.5.pom (13 kB at 316 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/39/commons-parent-39.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 45 kB Progress (1): 49 kB Progress (1): 53 kB Progress (1): 57 kB Progress (1): 61 kB Progress (1): 62 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/39/commons-parent-39.pom (62 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/16/apache-16.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/16/apache-16.pom (15 kB at 321 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.1.1/plexus-utils-3.1.1.pom Progress (1): 4.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.1.1/plexus-utils-3.1.1.pom (5.1 kB at 101 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/4.0/plexus-4.0.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/4.0/plexus-4.0.pom (22 kB at 478 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.pom (14 kB at 285 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/42/commons-parent-42.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 29 kB Progress (1): 33 kB Progress (1): 37 kB Progress (1): 41 kB Progress (1): 45 kB Progress (1): 49 kB Progress (1): 53 kB Progress (1): 57 kB Progress (1): 61 kB Progress (1): 66 kB Progress (1): 68 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/42/commons-parent-42.pom (68 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.pom (2.7 kB at 58 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.5/slf4j-parent-1.7.5.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.5/slf4j-parent-1.7.5.pom (12 kB at 268 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.pom Progress (1): 2.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.pom (2.9 kB at 67 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/ow2/1.5/ow2-1.5.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/ow2/1.5/ow2-1.5.pom (11 kB at 288 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.pom (3.7 kB at 89 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.pom (3.1 kB at 58 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.pom Progress (1): 3.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.pom (3.2 kB at 75 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.pom Progress (1): 4.1 kB Progress (1): 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.pom (4.6 kB at 128 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.pom Progress (1): 4.1 kB Progress (1): 7.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.pom (7.5 kB at 183 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.pom (2.0 kB at 42 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether/0.9.0.M2/aether-0.9.0.M2.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 28 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether/0.9.0.M2/aether-0.9.0.M2.pom (28 kB at 619 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.pom (14 kB at 356 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.pom (15 kB at 321 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.pom (3.7 kB at 89 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.pom (11 kB at 273 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/28.2-android/guava-parent-28.2-android.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/28.2-android/guava-parent-28.2-android.pom (13 kB at 287 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.pom Progress (1): 2.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.pom (2.4 kB at 60 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/26.0-android/guava-parent-26.0-android.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/26.0-android/guava-parent-26.0-android.pom (10 kB at 268 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/9/oss-parent-9.pom Progress (1): 4.1 kB Progress (1): 6.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/9/oss-parent-9.pom (6.6 kB at 173 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.pom (2.3 kB at 54 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.pom Progress (1): 4.1 kB Progress (1): 4.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.pom (4.3 kB at 97 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/7/oss-parent-7.pom Progress (1): 4.1 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/7/oss-parent-7.pom (4.8 kB at 124 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.pom (2.7 kB at 65 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.pom (2.1 kB at 50 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_parent/2.3.4/error_prone_parent-2.3.4.pom Progress (1): 4.1 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_parent/2.3.4/error_prone_parent-2.3.4.pom (5.4 kB at 132 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.pom (2.8 kB at 69 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.pom Progress (1): 4.1 kB Progress (1): 8.2 kB Progress (1): 12 kB Progress (1): 16 kB Progress (1): 20 kB Progress (1): 25 kB Progress (1): 28 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.pom (28 kB at 626 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar Progress (1): 4.1/49 kB Progress (1): 7.7/49 kB Progress (1): 12/49 kB Progress (1): 16/49 kB Progress (1): 20/49 kB Progress (1): 24/49 kB Progress (1): 28/49 kB Progress (1): 32/49 kB Progress (1): 36/49 kB Progress (1): 40/49 kB Progress (1): 45/49 kB Progress (1): 49/49 kB Progress (1): 49 kB Progress (2): 49 kB | 4.1/202 kB Progress (2): 49 kB | 7.7/202 kB Progress (2): 49 kB | 12/202 kB Progress (2): 49 kB | 16/202 kB Progress (2): 49 kB | 20/202 kB Progress (2): 49 kB | 24/202 kB Progress (2): 49 kB | 28/202 kB Progress (2): 49 kB | 32/202 kB Progress (2): 49 kB | 36/202 kB Progress (2): 49 kB | 40/202 kB Progress (2): 49 kB | 45/202 kB Progress (2): 49 kB | 49/202 kB Progress (2): 49 kB | 53/202 kB Progress (2): 49 kB | 57/202 kB Progress (2): 49 kB | 61/202 kB Progress (2): 49 kB | 65/202 kB Progress (2): 49 kB | 69/202 kB Progress (2): 49 kB | 73/202 kB Progress (2): 49 kB | 77/202 kB Progress (2): 49 kB | 81/202 kB Progress (2): 49 kB | 86/202 kB Progress (2): 49 kB | 90/202 kB Progress (2): 49 kB | 94/202 kB Progress (2): 49 kB | 98/202 kB Progress (2): 49 kB | 102/202 kB Progress (2): 49 kB | 106/202 kB Progress (2): 49 kB | 110/202 kB Progress (2): 49 kB | 114/202 kB Progress (2): 49 kB | 118/202 kB Progress (2): 49 kB | 122/202 kB Progress (3): 49 kB | 122/202 kB | 4.1/153 kB Progress (3): 49 kB | 122/202 kB | 7.7/153 kB Progress (3): 49 kB | 122/202 kB | 12/153 kB Progress (3): 49 kB | 122/202 kB | 16/153 kB Progress (3): 49 kB | 122/202 kB | 20/153 kB Progress (3): 49 kB | 122/202 kB | 24/153 kB Progress (3): 49 kB | 122/202 kB | 28/153 kB Progress (3): 49 kB | 122/202 kB | 32/153 kB Progress (3): 49 kB | 122/202 kB | 36/153 kB Progress (3): 49 kB | 122/202 kB | 40/153 kB Progress (3): 49 kB | 126/202 kB | 40/153 kB Progress (3): 49 kB | 126/202 kB | 45/153 kB Progress (3): 49 kB | 131/202 kB | 45/153 kB Progress (3): 49 kB | 135/202 kB | 45/153 kB Progress (3): 49 kB | 135/202 kB | 49/153 kB Progress (3): 49 kB | 139/202 kB | 49/153 kB Progress (3): 49 kB | 139/202 kB | 53/153 kB Progress (3): 49 kB | 139/202 kB | 57/153 kB Progress (3): 49 kB | 143/202 kB | 57/153 kB Progress (3): 49 kB | 143/202 kB | 61/153 kB Progress (3): 49 kB | 147/202 kB | 61/153 kB Progress (3): 49 kB | 147/202 kB | 65/153 kB Progress (3): 49 kB | 151/202 kB | 65/153 kB Progress (3): 49 kB | 151/202 kB | 69/153 kB Progress (3): 49 kB | 155/202 kB | 69/153 kB Progress (3): 49 kB | 155/202 kB | 73/153 kB Progress (3): 49 kB | 155/202 kB | 77/153 kB Progress (3): 49 kB | 155/202 kB | 81/153 kB Progress (3): 49 kB | 155/202 kB | 86/153 kB Progress (3): 49 kB | 155/202 kB | 90/153 kB Progress (3): 49 kB | 155/202 kB | 94/153 kB Progress (3): 49 kB | 155/202 kB | 98/153 kB Progress (3): 49 kB | 155/202 kB | 102/153 kB Progress (3): 49 kB | 155/202 kB | 106/153 kB Progress (3): 49 kB | 155/202 kB | 110/153 kB Progress (3): 49 kB | 155/202 kB | 114/153 kB Progress (3): 49 kB | 155/202 kB | 118/153 kB Progress (4): 49 kB | 155/202 kB | 118/153 kB | 4.1/472 kB Progress (4): 49 kB | 159/202 kB | 118/153 kB | 4.1/472 kB Progress (4): 49 kB | 159/202 kB | 118/153 kB | 7.7/472 kB Progress (4): 49 kB | 159/202 kB | 122/153 kB | 7.7/472 kB Progress (4): 49 kB | 159/202 kB | 122/153 kB | 12/472 kB Progress (4): 49 kB | 163/202 kB | 122/153 kB | 12/472 kB Progress (4): 49 kB | 163/202 kB | 122/153 kB | 16/472 kB Progress (4): 49 kB | 163/202 kB | 126/153 kB | 16/472 kB Progress (4): 49 kB | 167/202 kB | 126/153 kB | 16/472 kB Progress (4): 49 kB | 167/202 kB | 126/153 kB | 20/472 kB Progress (4): 49 kB | 172/202 kB | 126/153 kB | 20/472 kB Progress (4): 49 kB | 172/202 kB | 131/153 kB | 20/472 kB Progress (4): 49 kB | 172/202 kB | 131/153 kB | 24/472 kB Progress (4): 49 kB | 176/202 kB | 131/153 kB | 24/472 kB Progress (4): 49 kB | 176/202 kB | 131/153 kB | 28/472 kB Progress (4): 49 kB | 176/202 kB | 135/153 kB | 28/472 kB Progress (4): 49 kB | 176/202 kB | 135/153 kB | 32/472 kB Progress (4): 49 kB | 180/202 kB | 135/153 kB | 32/472 kB Progress (4): 49 kB | 180/202 kB | 139/153 kB | 32/472 kB Progress (4): 49 kB | 184/202 kB | 139/153 kB | 32/472 kB Progress (4): 49 kB | 184/202 kB | 143/153 kB | 32/472 kB Progress (4): 49 kB | 184/202 kB | 143/153 kB | 36/472 kB Progress (4): 49 kB | 188/202 kB | 143/153 kB | 36/472 kB Progress (4): 49 kB | 188/202 kB | 143/153 kB | 40/472 kB Progress (4): 49 kB | 188/202 kB | 147/153 kB | 40/472 kB Progress (4): 49 kB | 192/202 kB | 147/153 kB | 40/472 kB Progress (4): 49 kB | 192/202 kB | 151/153 kB | 40/472 kB Progress (4): 49 kB | 192/202 kB | 151/153 kB | 45/472 kB Progress (4): 49 kB | 192/202 kB | 153 kB | 45/472 kB Progress (4): 49 kB | 196/202 kB | 153 kB | 45/472 kB Progress (4): 49 kB | 196/202 kB | 153 kB | 49/472 kB Progress (4): 49 kB | 200/202 kB | 153 kB | 49/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 49/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 53/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 57/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 61/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 65/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 69/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 73/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 77/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 81/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 86/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 90/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 94/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 98/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 102/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 106/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 110/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 114/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 118/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 122/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 126/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 131/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 135/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 139/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 143/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 147/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 151/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 155/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 159/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 163/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 167/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 172/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 176/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 180/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 184/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 188/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 192/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 196/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 200/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 204/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 208/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 212/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 217/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 221/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 225/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 229/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 233/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 237/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 240/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 244/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 248/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 252/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 256/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 260/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 265/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 269/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 273/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 277/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 281/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 285/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 289/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 293/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 297/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 301/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 306/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 310/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 314/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 318/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 322/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 326/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 330/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 334/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 338/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 342/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 346/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 351/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 355/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 359/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 363/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 367/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 371/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 375/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 379/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 383/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 387/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 392/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 396/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 400/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 404/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 408/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 412/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 416/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 420/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 424/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 428/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 432/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 437/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 441/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 445/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 449/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 453/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 457/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 459/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 463/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 467/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 472/472 kB Progress (4): 49 kB | 202 kB | 153 kB | 472 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.jar (49 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.jar Progress (4): 202 kB | 153 kB | 472 kB | 4.1/165 kB Progress (4): 202 kB | 153 kB | 472 kB | 7.7/165 kB Progress (4): 202 kB | 153 kB | 472 kB | 12/165 kB Progress (4): 202 kB | 153 kB | 472 kB | 16/165 kB Progress (4): 202 kB | 153 kB | 472 kB | 20/165 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar (153 kB at 3.6 MB/s) Progress (3): 202 kB | 472 kB | 24/165 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.jar Progress (3): 202 kB | 472 kB | 28/165 kB Progress (3): 202 kB | 472 kB | 32/165 kB Progress (3): 202 kB | 472 kB | 36/165 kB Progress (3): 202 kB | 472 kB | 40/165 kB Progress (3): 202 kB | 472 kB | 45/165 kB Progress (3): 202 kB | 472 kB | 49/165 kB Progress (3): 202 kB | 472 kB | 53/165 kB Progress (3): 202 kB | 472 kB | 57/165 kB Progress (3): 202 kB | 472 kB | 61/165 kB Progress (3): 202 kB | 472 kB | 65/165 kB Progress (3): 202 kB | 472 kB | 69/165 kB Progress (3): 202 kB | 472 kB | 73/165 kB Progress (3): 202 kB | 472 kB | 77/165 kB Progress (3): 202 kB | 472 kB | 81/165 kB Progress (3): 202 kB | 472 kB | 85/165 kB Progress (3): 202 kB | 472 kB | 89/165 kB Progress (3): 202 kB | 472 kB | 93/165 kB Progress (3): 202 kB | 472 kB | 98/165 kB Progress (3): 202 kB | 472 kB | 102/165 kB Progress (3): 202 kB | 472 kB | 106/165 kB Progress (3): 202 kB | 472 kB | 110/165 kB Progress (3): 202 kB | 472 kB | 114/165 kB Progress (3): 202 kB | 472 kB | 118/165 kB Progress (3): 202 kB | 472 kB | 122/165 kB Progress (3): 202 kB | 472 kB | 126/165 kB Progress (3): 202 kB | 472 kB | 130/165 kB Progress (3): 202 kB | 472 kB | 134/165 kB Progress (3): 202 kB | 472 kB | 139/165 kB Progress (3): 202 kB | 472 kB | 143/165 kB Progress (3): 202 kB | 472 kB | 147/165 kB Progress (3): 202 kB | 472 kB | 151/165 kB Progress (3): 202 kB | 472 kB | 155/165 kB Progress (3): 202 kB | 472 kB | 159/165 kB Progress (3): 202 kB | 472 kB | 163/165 kB Progress (3): 202 kB | 472 kB | 165 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.jar (202 kB at 4.5 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar (472 kB at 10 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.jar Progress (2): 165 kB | 4.1/527 kB Progress (2): 165 kB | 7.7/527 kB Progress (2): 165 kB | 12/527 kB Progress (2): 165 kB | 16/527 kB Progress (2): 165 kB | 20/527 kB Progress (2): 165 kB | 24/527 kB Progress (2): 165 kB | 28/527 kB Progress (2): 165 kB | 32/527 kB Progress (2): 165 kB | 36/527 kB Progress (2): 165 kB | 40/527 kB Progress (2): 165 kB | 44/527 kB Progress (2): 165 kB | 48/527 kB Progress (2): 165 kB | 53/527 kB Progress (2): 165 kB | 57/527 kB Progress (2): 165 kB | 61/527 kB Progress (2): 165 kB | 65/527 kB Progress (2): 165 kB | 69/527 kB Progress (2): 165 kB | 73/527 kB Progress (2): 165 kB | 77/527 kB Progress (2): 165 kB | 81/527 kB Progress (2): 165 kB | 85/527 kB Progress (2): 165 kB | 89/527 kB Progress (2): 165 kB | 93/527 kB Progress (2): 165 kB | 98/527 kB Progress (2): 165 kB | 102/527 kB Progress (2): 165 kB | 106/527 kB Progress (2): 165 kB | 110/527 kB Progress (2): 165 kB | 114/527 kB Progress (2): 165 kB | 118/527 kB Progress (2): 165 kB | 122/527 kB Progress (2): 165 kB | 126/527 kB Progress (2): 165 kB | 130/527 kB Progress (2): 165 kB | 134/527 kB Progress (2): 165 kB | 139/527 kB Progress (2): 165 kB | 143/527 kB Progress (2): 165 kB | 147/527 kB Progress (2): 165 kB | 151/527 kB Progress (2): 165 kB | 155/527 kB Progress (2): 165 kB | 159/527 kB Progress (2): 165 kB | 163/527 kB Progress (2): 165 kB | 167/527 kB Progress (2): 165 kB | 171/527 kB Progress (2): 165 kB | 175/527 kB Progress (2): 165 kB | 179/527 kB Progress (2): 165 kB | 184/527 kB Progress (2): 165 kB | 188/527 kB Progress (2): 165 kB | 192/527 kB Progress (2): 165 kB | 196/527 kB Progress (2): 165 kB | 200/527 kB Progress (2): 165 kB | 204/527 kB Progress (2): 165 kB | 208/527 kB Progress (2): 165 kB | 212/527 kB Progress (2): 165 kB | 216/527 kB Progress (2): 165 kB | 220/527 kB Progress (2): 165 kB | 225/527 kB Progress (2): 165 kB | 229/527 kB Progress (2): 165 kB | 233/527 kB Progress (2): 165 kB | 237/527 kB Progress (2): 165 kB | 241/527 kB Progress (2): 165 kB | 245/527 kB Progress (2): 165 kB | 249/527 kB Progress (2): 165 kB | 253/527 kB Progress (2): 165 kB | 257/527 kB Progress (2): 165 kB | 261/527 kB Progress (2): 165 kB | 266/527 kB Progress (2): 165 kB | 270/527 kB Progress (2): 165 kB | 274/527 kB Progress (2): 165 kB | 278/527 kB Progress (2): 165 kB | 282/527 kB Progress (2): 165 kB | 286/527 kB Progress (2): 165 kB | 290/527 kB Progress (2): 165 kB | 294/527 kB Progress (2): 165 kB | 298/527 kB Progress (2): 165 kB | 302/527 kB Progress (2): 165 kB | 306/527 kB Progress (2): 165 kB | 311/527 kB Progress (2): 165 kB | 315/527 kB Progress (2): 165 kB | 319/527 kB Progress (2): 165 kB | 323/527 kB Progress (2): 165 kB | 327/527 kB Progress (2): 165 kB | 331/527 kB Progress (2): 165 kB | 335/527 kB Progress (2): 165 kB | 339/527 kB Progress (2): 165 kB | 343/527 kB Progress (2): 165 kB | 347/527 kB Progress (2): 165 kB | 352/527 kB Progress (2): 165 kB | 356/527 kB Progress (2): 165 kB | 360/527 kB Progress (2): 165 kB | 364/527 kB Progress (2): 165 kB | 368/527 kB Progress (2): 165 kB | 372/527 kB Progress (2): 165 kB | 376/527 kB Progress (2): 165 kB | 380/527 kB Progress (2): 165 kB | 384/527 kB Progress (2): 165 kB | 388/527 kB Progress (2): 165 kB | 392/527 kB Progress (2): 165 kB | 397/527 kB Progress (2): 165 kB | 401/527 kB Progress (2): 165 kB | 405/527 kB Progress (2): 165 kB | 409/527 kB Progress (2): 165 kB | 413/527 kB Progress (2): 165 kB | 417/527 kB Progress (2): 165 kB | 421/527 kB Progress (2): 165 kB | 425/527 kB Progress (2): 165 kB | 429/527 kB Progress (2): 165 kB | 433/527 kB Progress (2): 165 kB | 438/527 kB Progress (2): 165 kB | 442/527 kB Progress (2): 165 kB | 446/527 kB Progress (2): 165 kB | 450/527 kB Progress (2): 165 kB | 454/527 kB Progress (2): 165 kB | 458/527 kB Progress (2): 165 kB | 462/527 kB Progress (2): 165 kB | 466/527 kB Progress (2): 165 kB | 470/527 kB Progress (2): 165 kB | 474/527 kB Progress (2): 165 kB | 479/527 kB Progress (2): 165 kB | 483/527 kB Progress (2): 165 kB | 487/527 kB Progress (2): 165 kB | 491/527 kB Progress (2): 165 kB | 495/527 kB Progress (2): 165 kB | 499/527 kB Progress (2): 165 kB | 503/527 kB Progress (2): 165 kB | 507/527 kB Progress (2): 165 kB | 511/527 kB Progress (2): 165 kB | 515/527 kB Progress (2): 165 kB | 519/527 kB Progress (2): 165 kB | 524/527 kB Progress (2): 165 kB | 527 kB Progress (3): 165 kB | 527 kB | 4.1/47 kB Progress (3): 165 kB | 527 kB | 7.7/47 kB Progress (3): 165 kB | 527 kB | 12/47 kB Progress (3): 165 kB | 527 kB | 16/47 kB Progress (3): 165 kB | 527 kB | 20/47 kB Progress (3): 165 kB | 527 kB | 24/47 kB Progress (3): 165 kB | 527 kB | 28/47 kB Progress (3): 165 kB | 527 kB | 32/47 kB Progress (3): 165 kB | 527 kB | 36/47 kB Progress (3): 165 kB | 527 kB | 40/47 kB Progress (3): 165 kB | 527 kB | 44/47 kB Progress (3): 165 kB | 527 kB | 47 kB Progress (4): 165 kB | 527 kB | 47 kB | 4.1/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 7.7/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 12/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 16/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 20/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 24/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 28/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 32/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 36/38 kB Progress (4): 165 kB | 527 kB | 47 kB | 38 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 4.1/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 7.7/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 12/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 16/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 20/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 24/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 28/30 kB Progress (5): 165 kB | 527 kB | 47 kB | 38 kB | 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.jar (527 kB at 7.9 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.jar (47 kB at 648 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.jar (38 kB at 511 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.jar (30 kB at 376 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.jar (165 kB at 2.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.jar Progress (1): 4.1/148 kB Progress (1): 7.7/148 kB Progress (1): 12/148 kB Progress (1): 16/148 kB Progress (1): 20/148 kB Progress (1): 24/148 kB Progress (1): 28/148 kB Progress (1): 32/148 kB Progress (1): 36/148 kB Progress (1): 40/148 kB Progress (1): 45/148 kB Progress (1): 49/148 kB Progress (1): 53/148 kB Progress (1): 57/148 kB Progress (1): 61/148 kB Progress (1): 65/148 kB Progress (1): 69/148 kB Progress (1): 73/148 kB Progress (1): 77/148 kB Progress (1): 81/148 kB Progress (1): 86/148 kB Progress (1): 90/148 kB Progress (1): 94/148 kB Progress (1): 98/148 kB Progress (1): 102/148 kB Progress (1): 106/148 kB Progress (1): 110/148 kB Progress (1): 114/148 kB Progress (1): 118/148 kB Progress (1): 122/148 kB Progress (1): 126/148 kB Progress (1): 131/148 kB Progress (1): 135/148 kB Progress (1): 139/148 kB Progress (1): 143/148 kB Progress (1): 147/148 kB Progress (1): 148 kB Progress (2): 148 kB | 3.4/51 kB Progress (2): 148 kB | 7.5/51 kB Progress (2): 148 kB | 12/51 kB Progress (2): 148 kB | 16/51 kB Progress (2): 148 kB | 20/51 kB Progress (2): 148 kB | 24/51 kB Progress (2): 148 kB | 28/51 kB Progress (2): 148 kB | 32/51 kB Progress (2): 148 kB | 36/51 kB Progress (2): 148 kB | 40/51 kB Progress (2): 148 kB | 44/51 kB Progress (2): 148 kB | 48/51 kB Progress (2): 148 kB | 51 kB Progress (3): 148 kB | 51 kB | 4.1/106 kB Progress (3): 148 kB | 51 kB | 7.7/106 kB Progress (3): 148 kB | 51 kB | 12/106 kB Progress (3): 148 kB | 51 kB | 16/106 kB Progress (3): 148 kB | 51 kB | 20/106 kB Progress (3): 148 kB | 51 kB | 24/106 kB Progress (3): 148 kB | 51 kB | 28/106 kB Progress (3): 148 kB | 51 kB | 32/106 kB Progress (3): 148 kB | 51 kB | 36/106 kB Progress (3): 148 kB | 51 kB | 40/106 kB Progress (3): 148 kB | 51 kB | 45/106 kB Progress (3): 148 kB | 51 kB | 49/106 kB Progress (3): 148 kB | 51 kB | 53/106 kB Progress (3): 148 kB | 51 kB | 57/106 kB Progress (3): 148 kB | 51 kB | 61/106 kB Progress (3): 148 kB | 51 kB | 65/106 kB Progress (3): 148 kB | 51 kB | 69/106 kB Progress (3): 148 kB | 51 kB | 73/106 kB Progress (3): 148 kB | 51 kB | 77/106 kB Progress (3): 148 kB | 51 kB | 81/106 kB Progress (3): 148 kB | 51 kB | 86/106 kB Progress (3): 148 kB | 51 kB | 90/106 kB Progress (3): 148 kB | 51 kB | 94/106 kB Progress (3): 148 kB | 51 kB | 98/106 kB Progress (3): 148 kB | 51 kB | 102/106 kB Progress (3): 148 kB | 51 kB | 106/106 kB Progress (3): 148 kB | 51 kB | 106 kB Progress (4): 148 kB | 51 kB | 106 kB | 4.1/14 kB Progress (4): 148 kB | 51 kB | 106 kB | 7.5/14 kB Progress (4): 148 kB | 51 kB | 106 kB | 12/14 kB Progress (4): 148 kB | 51 kB | 106 kB | 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.jar (148 kB at 1.5 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.jar (51 kB at 492 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar Progress (3): 106 kB | 14 kB | 4.1/74 kB Progress (3): 106 kB | 14 kB | 7.7/74 kB Progress (3): 106 kB | 14 kB | 12/74 kB Progress (3): 106 kB | 14 kB | 16/74 kB Progress (3): 106 kB | 14 kB | 20/74 kB Progress (3): 106 kB | 14 kB | 24/74 kB Progress (3): 106 kB | 14 kB | 28/74 kB Progress (3): 106 kB | 14 kB | 32/74 kB Progress (3): 106 kB | 14 kB | 36/74 kB Progress (3): 106 kB | 14 kB | 40/74 kB Progress (3): 106 kB | 14 kB | 44/74 kB Progress (3): 106 kB | 14 kB | 48/74 kB Progress (3): 106 kB | 14 kB | 53/74 kB Progress (3): 106 kB | 14 kB | 57/74 kB Progress (3): 106 kB | 14 kB | 61/74 kB Progress (3): 106 kB | 14 kB | 65/74 kB Progress (3): 106 kB | 14 kB | 69/74 kB Progress (3): 106 kB | 14 kB | 73/74 kB Progress (3): 106 kB | 14 kB | 74 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.jar (14 kB at 114 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.jar Progress (3): 106 kB | 74 kB | 4.1/108 kB Progress (3): 106 kB | 74 kB | 8.2/108 kB Progress (3): 106 kB | 74 kB | 12/108 kB Progress (3): 106 kB | 74 kB | 16/108 kB Progress (3): 106 kB | 74 kB | 20/108 kB Progress (3): 106 kB | 74 kB | 25/108 kB Progress (3): 106 kB | 74 kB | 29/108 kB Progress (3): 106 kB | 74 kB | 33/108 kB Progress (3): 106 kB | 74 kB | 37/108 kB Progress (3): 106 kB | 74 kB | 41/108 kB Progress (3): 106 kB | 74 kB | 45/108 kB Progress (3): 106 kB | 74 kB | 49/108 kB Progress (3): 106 kB | 74 kB | 53/108 kB Progress (3): 106 kB | 74 kB | 57/108 kB Progress (3): 106 kB | 74 kB | 61/108 kB Progress (3): 106 kB | 74 kB | 66/108 kB Progress (3): 106 kB | 74 kB | 70/108 kB Progress (3): 106 kB | 74 kB | 74/108 kB Progress (3): 106 kB | 74 kB | 78/108 kB Progress (3): 106 kB | 74 kB | 82/108 kB Progress (3): 106 kB | 74 kB | 86/108 kB Progress (3): 106 kB | 74 kB | 90/108 kB Progress (3): 106 kB | 74 kB | 94/108 kB Progress (3): 106 kB | 74 kB | 98/108 kB Progress (3): 106 kB | 74 kB | 102/108 kB Progress (3): 106 kB | 74 kB | 106/108 kB Progress (3): 106 kB | 74 kB | 108 kB Progress (4): 106 kB | 74 kB | 108 kB | 4.1/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 7.7/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 12/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 16/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 20/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 24/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 28/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 32/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 36/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 40/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 45/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 49/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 53/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 57/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 61/61 kB Progress (4): 106 kB | 74 kB | 108 kB | 61 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.jar (106 kB at 837 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar (108 kB at 782 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.jar (74 kB at 534 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar Progress (2): 61 kB | 4.1/4.2 kB Progress (2): 61 kB | 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar (61 kB at 433 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.jar Progress (2): 4.2 kB | 4.1/46 kB Progress (2): 4.2 kB | 7.7/46 kB Progress (2): 4.2 kB | 12/46 kB Progress (2): 4.2 kB | 16/46 kB Progress (2): 4.2 kB | 20/46 kB Progress (2): 4.2 kB | 24/46 kB Progress (2): 4.2 kB | 28/46 kB Progress (2): 4.2 kB | 32/46 kB Progress (2): 4.2 kB | 36/46 kB Progress (2): 4.2 kB | 40/46 kB Progress (2): 4.2 kB | 44/46 kB Progress (2): 4.2 kB | 46 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.jar (4.2 kB at 27 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.jar Progress (2): 46 kB | 4.1/29 kB Progress (2): 46 kB | 7.7/29 kB Progress (2): 46 kB | 12/29 kB Progress (2): 46 kB | 16/29 kB Progress (2): 46 kB | 20/29 kB Progress (2): 46 kB | 24/29 kB Progress (2): 46 kB | 28/29 kB Progress (2): 46 kB | 29 kB Progress (3): 46 kB | 29 kB | 4.1/52 kB Progress (3): 46 kB | 29 kB | 7.7/52 kB Progress (3): 46 kB | 29 kB | 12/52 kB Progress (3): 46 kB | 29 kB | 16/52 kB Progress (3): 46 kB | 29 kB | 20/52 kB Progress (3): 46 kB | 29 kB | 24/52 kB Progress (3): 46 kB | 29 kB | 28/52 kB Progress (3): 46 kB | 29 kB | 32/52 kB Progress (3): 46 kB | 29 kB | 36/52 kB Progress (3): 46 kB | 29 kB | 40/52 kB Progress (3): 46 kB | 29 kB | 45/52 kB Progress (3): 46 kB | 29 kB | 49/52 kB Progress (3): 46 kB | 29 kB | 52 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.jar (46 kB at 274 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.jar Progress (3): 29 kB | 52 kB | 4.1/263 kB Progress (3): 29 kB | 52 kB | 7.7/263 kB Progress (3): 29 kB | 52 kB | 12/263 kB Progress (3): 29 kB | 52 kB | 16/263 kB Progress (3): 29 kB | 52 kB | 20/263 kB Progress (3): 29 kB | 52 kB | 24/263 kB Progress (4): 29 kB | 52 kB | 24/263 kB | 4.1/13 kB Progress (4): 29 kB | 52 kB | 28/263 kB | 4.1/13 kB Progress (4): 29 kB | 52 kB | 32/263 kB | 4.1/13 kB Progress (4): 29 kB | 52 kB | 32/263 kB | 7.7/13 kB Progress (4): 29 kB | 52 kB | 36/263 kB | 7.7/13 kB Progress (4): 29 kB | 52 kB | 40/263 kB | 7.7/13 kB Progress (4): 29 kB | 52 kB | 40/263 kB | 12/13 kB Progress (4): 29 kB | 52 kB | 40/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 45/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 49/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 53/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 57/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 61/263 kB | 13 kB Progress (4): 29 kB | 52 kB | 65/263 kB | 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar (29 kB at 168 kB/s) Progress (3): 52 kB | 69/263 kB | 13 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.jar Progress (3): 52 kB | 73/263 kB | 13 kB Progress (3): 52 kB | 77/263 kB | 13 kB Progress (3): 52 kB | 81/263 kB | 13 kB Progress (3): 52 kB | 86/263 kB | 13 kB Progress (3): 52 kB | 90/263 kB | 13 kB Progress (3): 52 kB | 94/263 kB | 13 kB Progress (3): 52 kB | 98/263 kB | 13 kB Progress (3): 52 kB | 102/263 kB | 13 kB Progress (3): 52 kB | 106/263 kB | 13 kB Progress (3): 52 kB | 110/263 kB | 13 kB Progress (3): 52 kB | 114/263 kB | 13 kB Progress (3): 52 kB | 118/263 kB | 13 kB Progress (3): 52 kB | 122/263 kB | 13 kB Progress (3): 52 kB | 126/263 kB | 13 kB Progress (3): 52 kB | 131/263 kB | 13 kB Progress (3): 52 kB | 135/263 kB | 13 kB Progress (3): 52 kB | 139/263 kB | 13 kB Progress (3): 52 kB | 143/263 kB | 13 kB Progress (3): 52 kB | 147/263 kB | 13 kB Progress (3): 52 kB | 151/263 kB | 13 kB Progress (3): 52 kB | 155/263 kB | 13 kB Progress (3): 52 kB | 159/263 kB | 13 kB Progress (3): 52 kB | 163/263 kB | 13 kB Progress (3): 52 kB | 167/263 kB | 13 kB Progress (3): 52 kB | 172/263 kB | 13 kB Progress (3): 52 kB | 176/263 kB | 13 kB Progress (3): 52 kB | 180/263 kB | 13 kB Progress (3): 52 kB | 184/263 kB | 13 kB Progress (3): 52 kB | 188/263 kB | 13 kB Progress (3): 52 kB | 192/263 kB | 13 kB Progress (3): 52 kB | 196/263 kB | 13 kB Progress (3): 52 kB | 200/263 kB | 13 kB Progress (3): 52 kB | 204/263 kB | 13 kB Progress (3): 52 kB | 208/263 kB | 13 kB Progress (3): 52 kB | 213/263 kB | 13 kB Progress (3): 52 kB | 217/263 kB | 13 kB Progress (3): 52 kB | 221/263 kB | 13 kB Progress (3): 52 kB | 225/263 kB | 13 kB Progress (3): 52 kB | 229/263 kB | 13 kB Progress (3): 52 kB | 233/263 kB | 13 kB Progress (3): 52 kB | 237/263 kB | 13 kB Progress (3): 52 kB | 241/263 kB | 13 kB Progress (3): 52 kB | 245/263 kB | 13 kB Progress (3): 52 kB | 249/263 kB | 13 kB Progress (3): 52 kB | 253/263 kB | 13 kB Progress (3): 52 kB | 258/263 kB | 13 kB Progress (3): 52 kB | 262/263 kB | 13 kB Progress (3): 52 kB | 263 kB | 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.jar (52 kB at 284 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar (13 kB at 73 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.jar (263 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.jar Progress (1): 4.1/120 kB Progress (1): 7.7/120 kB Progress (1): 12/120 kB Progress (1): 16/120 kB Progress (1): 20/120 kB Progress (1): 24/120 kB Progress (1): 28/120 kB Progress (1): 32/120 kB Progress (1): 36/120 kB Progress (1): 40/120 kB Progress (1): 44/120 kB Progress (1): 48/120 kB Progress (1): 53/120 kB Progress (1): 57/120 kB Progress (1): 61/120 kB Progress (1): 65/120 kB Progress (1): 69/120 kB Progress (1): 73/120 kB Progress (1): 77/120 kB Progress (1): 81/120 kB Progress (1): 85/120 kB Progress (1): 89/120 kB Progress (1): 93/120 kB Progress (1): 98/120 kB Progress (1): 102/120 kB Progress (1): 106/120 kB Progress (1): 110/120 kB Progress (1): 114/120 kB Progress (1): 118/120 kB Progress (1): 120 kB Progress (2): 120 kB | 4.1/61 kB Progress (2): 120 kB | 7.7/61 kB Progress (2): 120 kB | 12/61 kB Progress (2): 120 kB | 16/61 kB Progress (2): 120 kB | 20/61 kB Progress (2): 120 kB | 24/61 kB Progress (2): 120 kB | 28/61 kB Progress (2): 120 kB | 32/61 kB Progress (2): 120 kB | 36/61 kB Progress (2): 120 kB | 40/61 kB Progress (2): 120 kB | 45/61 kB Progress (2): 120 kB | 49/61 kB Progress (2): 120 kB | 53/61 kB Progress (2): 120 kB | 57/61 kB Progress (2): 120 kB | 61/61 kB Progress (2): 120 kB | 61 kB Progress (3): 120 kB | 61 kB | 4.1/164 kB Progress (3): 120 kB | 61 kB | 7.7/164 kB Progress (3): 120 kB | 61 kB | 12/164 kB Progress (3): 120 kB | 61 kB | 16/164 kB Progress (3): 120 kB | 61 kB | 20/164 kB Progress (3): 120 kB | 61 kB | 24/164 kB Progress (3): 120 kB | 61 kB | 28/164 kB Progress (3): 120 kB | 61 kB | 32/164 kB Progress (3): 120 kB | 61 kB | 36/164 kB Progress (3): 120 kB | 61 kB | 40/164 kB Progress (3): 120 kB | 61 kB | 45/164 kB Progress (3): 120 kB | 61 kB | 49/164 kB Progress (3): 120 kB | 61 kB | 53/164 kB Progress (3): 120 kB | 61 kB | 57/164 kB Progress (3): 120 kB | 61 kB | 61/164 kB Progress (3): 120 kB | 61 kB | 65/164 kB Progress (3): 120 kB | 61 kB | 69/164 kB Progress (3): 120 kB | 61 kB | 73/164 kB Progress (3): 120 kB | 61 kB | 77/164 kB Progress (3): 120 kB | 61 kB | 81/164 kB Progress (3): 120 kB | 61 kB | 86/164 kB Progress (3): 120 kB | 61 kB | 90/164 kB Progress (3): 120 kB | 61 kB | 94/164 kB Progress (3): 120 kB | 61 kB | 98/164 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 4.1/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 7.7/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 12/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 16/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 20/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 24/26 kB Progress (4): 120 kB | 61 kB | 98/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 102/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 106/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 110/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 114/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 118/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 122/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 126/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 131/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 135/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 139/164 kB | 26 kB Progress (4): 120 kB | 61 kB | 143/164 kB | 26 kB Progress (5): 120 kB | 61 kB | 143/164 kB | 26 kB | 4.1/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 4.1/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 7.7/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 12/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 16/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 20/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 24/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 28/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 32/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 36/335 kB Progress (5): 120 kB | 61 kB | 147/164 kB | 26 kB | 40/335 kB Progress (5): 120 kB | 61 kB | 151/164 kB | 26 kB | 40/335 kB Progress (5): 120 kB | 61 kB | 151/164 kB | 26 kB | 45/335 kB Progress (5): 120 kB | 61 kB | 155/164 kB | 26 kB | 45/335 kB Progress (5): 120 kB | 61 kB | 159/164 kB | 26 kB | 45/335 kB Progress (5): 120 kB | 61 kB | 159/164 kB | 26 kB | 49/335 kB Progress (5): 120 kB | 61 kB | 163/164 kB | 26 kB | 49/335 kB Progress (5): 120 kB | 61 kB | 163/164 kB | 26 kB | 53/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 53/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 57/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 61/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 65/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 69/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 73/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 77/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 81/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 86/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 90/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 94/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 98/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 102/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 106/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 110/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 114/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 118/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 122/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 126/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 131/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 135/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 139/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 143/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 147/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 151/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 155/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 159/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 163/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 167/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 172/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 176/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 180/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 184/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 188/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 192/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 196/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 200/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 204/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 208/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 213/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 217/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 221/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 225/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 229/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 233/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 237/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 241/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 245/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 249/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 253/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 258/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 262/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 266/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 270/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 274/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 278/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 282/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 286/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 290/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 294/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 299/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 303/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 307/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 311/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 315/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 319/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 323/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 327/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 331/335 kB Progress (5): 120 kB | 61 kB | 164 kB | 26 kB | 335 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.jar (120 kB at 573 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.jar (61 kB at 290 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.jar (26 kB at 121 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.jar (164 kB at 751 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.jar (335 kB at 1.5 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar Progress (1): 4.1/122 kB Progress (1): 8.2/122 kB Progress (1): 12/122 kB Progress (1): 16/122 kB Progress (1): 20/122 kB Progress (1): 25/122 kB Progress (1): 29/122 kB Progress (1): 33/122 kB Progress (1): 37/122 kB Progress (1): 41/122 kB Progress (1): 45/122 kB Progress (1): 49/122 kB Progress (1): 53/122 kB Progress (1): 57/122 kB Progress (2): 57/122 kB | 4.1/53 kB Progress (2): 61/122 kB | 4.1/53 kB Progress (2): 66/122 kB | 4.1/53 kB Progress (2): 66/122 kB | 7.7/53 kB Progress (2): 70/122 kB | 7.7/53 kB Progress (2): 70/122 kB | 12/53 kB Progress (2): 74/122 kB | 12/53 kB Progress (2): 74/122 kB | 16/53 kB Progress (2): 78/122 kB | 16/53 kB Progress (2): 82/122 kB | 16/53 kB Progress (2): 82/122 kB | 20/53 kB Progress (2): 86/122 kB | 20/53 kB Progress (2): 86/122 kB | 24/53 kB Progress (2): 90/122 kB | 24/53 kB Progress (2): 90/122 kB | 28/53 kB Progress (2): 90/122 kB | 32/53 kB Progress (2): 94/122 kB | 32/53 kB Progress (2): 98/122 kB | 32/53 kB Progress (2): 98/122 kB | 36/53 kB Progress (2): 102/122 kB | 36/53 kB Progress (2): 102/122 kB | 40/53 kB Progress (2): 106/122 kB | 40/53 kB Progress (2): 106/122 kB | 45/53 kB Progress (2): 111/122 kB | 45/53 kB Progress (2): 111/122 kB | 49/53 kB Progress (2): 115/122 kB | 49/53 kB Progress (2): 119/122 kB | 49/53 kB Progress (2): 119/122 kB | 53 kB Progress (2): 122 kB | 53 kB Progress (3): 122 kB | 53 kB | 4.1/33 kB Progress (3): 122 kB | 53 kB | 7.7/33 kB Progress (3): 122 kB | 53 kB | 12/33 kB Progress (3): 122 kB | 53 kB | 16/33 kB Progress (3): 122 kB | 53 kB | 20/33 kB Progress (3): 122 kB | 53 kB | 24/33 kB Progress (3): 122 kB | 53 kB | 28/33 kB Progress (3): 122 kB | 53 kB | 32/33 kB Progress (3): 122 kB | 53 kB | 33 kB Progress (4): 122 kB | 53 kB | 33 kB | 4.1/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 7.7/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 12/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 16/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 20/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 24/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 28/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 32/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 36/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 40/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 45/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 49/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 53/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 57/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 61/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 65/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 69/72 kB Progress (4): 122 kB | 53 kB | 33 kB | 72 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 4.1/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 7.7/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 12/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 16/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 20/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 24/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 28/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 32/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 36/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 40/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 45/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 49/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 53/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 57/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 61/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 65/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 69/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 73/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 77/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 81/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 86/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 90/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 94/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 98/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 102/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 106/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 110/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 114/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 118/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 122/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 126/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 131/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 135/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 139/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 143/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 147/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 151/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 155/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 159/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 163/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 167/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 172/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 176/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 180/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 184/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 188/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 192/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 196/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 200/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 204/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 208/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 212/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 217/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 221/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 225/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 229/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 233/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 237/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 240/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 244/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 248/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 252/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 256/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 260/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 265/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 269/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 273/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 277/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 281/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 285/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 289/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 293/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 297/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 301/305 kB Progress (5): 122 kB | 53 kB | 33 kB | 72 kB | 305 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.jar (33 kB at 133 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.jar (122 kB at 485 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.jar (53 kB at 209 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar (305 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.jar (72 kB at 271 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.jar Progress (1): 4.1/215 kB Progress (1): 7.7/215 kB Progress (1): 12/215 kB Progress (1): 16/215 kB Progress (1): 20/215 kB Progress (1): 24/215 kB Progress (1): 28/215 kB Progress (1): 32/215 kB Progress (1): 36/215 kB Progress (1): 40/215 kB Progress (1): 45/215 kB Progress (1): 49/215 kB Progress (1): 53/215 kB Progress (1): 57/215 kB Progress (1): 61/215 kB Progress (1): 65/215 kB Progress (1): 69/215 kB Progress (1): 73/215 kB Progress (1): 77/215 kB Progress (1): 81/215 kB Progress (1): 86/215 kB Progress (1): 90/215 kB Progress (2): 90/215 kB | 4.1/37 kB Progress (2): 94/215 kB | 4.1/37 kB Progress (2): 94/215 kB | 7.7/37 kB Progress (2): 98/215 kB | 7.7/37 kB Progress (2): 98/215 kB | 12/37 kB Progress (2): 102/215 kB | 12/37 kB Progress (2): 102/215 kB | 16/37 kB Progress (2): 106/215 kB | 16/37 kB Progress (2): 110/215 kB | 16/37 kB Progress (2): 110/215 kB | 20/37 kB Progress (2): 114/215 kB | 20/37 kB Progress (2): 114/215 kB | 24/37 kB Progress (2): 118/215 kB | 24/37 kB Progress (2): 118/215 kB | 28/37 kB Progress (2): 122/215 kB | 28/37 kB Progress (2): 122/215 kB | 32/37 kB Progress (2): 126/215 kB | 32/37 kB Progress (2): 126/215 kB | 36/37 kB Progress (2): 131/215 kB | 36/37 kB Progress (2): 131/215 kB | 37 kB Progress (2): 135/215 kB | 37 kB Progress (2): 139/215 kB | 37 kB Progress (2): 143/215 kB | 37 kB Progress (2): 147/215 kB | 37 kB Progress (2): 151/215 kB | 37 kB Progress (2): 155/215 kB | 37 kB Progress (2): 159/215 kB | 37 kB Progress (2): 163/215 kB | 37 kB Progress (2): 167/215 kB | 37 kB Progress (2): 172/215 kB | 37 kB Progress (2): 176/215 kB | 37 kB Progress (2): 180/215 kB | 37 kB Progress (2): 184/215 kB | 37 kB Progress (2): 188/215 kB | 37 kB Progress (2): 192/215 kB | 37 kB Progress (2): 196/215 kB | 37 kB Progress (2): 200/215 kB | 37 kB Progress (2): 204/215 kB | 37 kB Progress (2): 208/215 kB | 37 kB Progress (2): 213/215 kB | 37 kB Progress (2): 215 kB | 37 kB Progress (3): 215 kB | 37 kB | 4.1/134 kB Progress (3): 215 kB | 37 kB | 7.7/134 kB Progress (3): 215 kB | 37 kB | 12/134 kB Progress (3): 215 kB | 37 kB | 16/134 kB Progress (3): 215 kB | 37 kB | 20/134 kB Progress (3): 215 kB | 37 kB | 24/134 kB Progress (3): 215 kB | 37 kB | 28/134 kB Progress (3): 215 kB | 37 kB | 32/134 kB Progress (3): 215 kB | 37 kB | 36/134 kB Progress (3): 215 kB | 37 kB | 40/134 kB Progress (3): 215 kB | 37 kB | 45/134 kB Progress (3): 215 kB | 37 kB | 49/134 kB Progress (3): 215 kB | 37 kB | 53/134 kB Progress (3): 215 kB | 37 kB | 57/134 kB Progress (3): 215 kB | 37 kB | 61/134 kB Progress (3): 215 kB | 37 kB | 65/134 kB Progress (3): 215 kB | 37 kB | 69/134 kB Progress (3): 215 kB | 37 kB | 73/134 kB Progress (3): 215 kB | 37 kB | 77/134 kB Progress (3): 215 kB | 37 kB | 81/134 kB Progress (3): 215 kB | 37 kB | 86/134 kB Progress (3): 215 kB | 37 kB | 90/134 kB Progress (3): 215 kB | 37 kB | 94/134 kB Progress (3): 215 kB | 37 kB | 98/134 kB Progress (3): 215 kB | 37 kB | 102/134 kB Progress (3): 215 kB | 37 kB | 106/134 kB Progress (3): 215 kB | 37 kB | 110/134 kB Progress (3): 215 kB | 37 kB | 114/134 kB Progress (3): 215 kB | 37 kB | 118/134 kB Progress (3): 215 kB | 37 kB | 122/134 kB Progress (3): 215 kB | 37 kB | 126/134 kB Progress (3): 215 kB | 37 kB | 131/134 kB Progress (3): 215 kB | 37 kB | 134 kB Progress (4): 215 kB | 37 kB | 134 kB | 3.4/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 7.5/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 12/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 16/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 20/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 24/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 28/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 32/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 36/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 40/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 44/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 48/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 53/180 kB Progress (4): 215 kB | 37 kB | 134 kB | 57/180 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.jar (37 kB at 129 kB/s) Progress (3): 215 kB | 134 kB | 61/180 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.jar Progress (3): 215 kB | 134 kB | 65/180 kB Progress (3): 215 kB | 134 kB | 69/180 kB Progress (3): 215 kB | 134 kB | 73/180 kB Progress (3): 215 kB | 134 kB | 77/180 kB Progress (3): 215 kB | 134 kB | 81/180 kB Progress (3): 215 kB | 134 kB | 85/180 kB Progress (3): 215 kB | 134 kB | 89/180 kB Progress (3): 215 kB | 134 kB | 93/180 kB Progress (3): 215 kB | 134 kB | 98/180 kB Progress (3): 215 kB | 134 kB | 102/180 kB Progress (3): 215 kB | 134 kB | 106/180 kB Progress (3): 215 kB | 134 kB | 110/180 kB Progress (3): 215 kB | 134 kB | 114/180 kB Progress (3): 215 kB | 134 kB | 118/180 kB Progress (3): 215 kB | 134 kB | 122/180 kB Progress (3): 215 kB | 134 kB | 126/180 kB Progress (3): 215 kB | 134 kB | 130/180 kB Progress (3): 215 kB | 134 kB | 134/180 kB Progress (3): 215 kB | 134 kB | 139/180 kB Progress (3): 215 kB | 134 kB | 143/180 kB Progress (3): 215 kB | 134 kB | 147/180 kB Progress (3): 215 kB | 134 kB | 151/180 kB Progress (3): 215 kB | 134 kB | 155/180 kB Progress (3): 215 kB | 134 kB | 159/180 kB Progress (3): 215 kB | 134 kB | 163/180 kB Progress (3): 215 kB | 134 kB | 167/180 kB Progress (3): 215 kB | 134 kB | 171/180 kB Progress (3): 215 kB | 134 kB | 175/180 kB Progress (3): 215 kB | 134 kB | 179/180 kB Progress (3): 215 kB | 134 kB | 180 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.jar (215 kB at 748 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar Progress (3): 134 kB | 180 kB | 4.1/85 kB Progress (3): 134 kB | 180 kB | 7.7/85 kB Progress (3): 134 kB | 180 kB | 12/85 kB Progress (3): 134 kB | 180 kB | 16/85 kB Progress (3): 134 kB | 180 kB | 20/85 kB Progress (3): 134 kB | 180 kB | 24/85 kB Progress (3): 134 kB | 180 kB | 28/85 kB Progress (3): 134 kB | 180 kB | 32/85 kB Progress (3): 134 kB | 180 kB | 36/85 kB Progress (3): 134 kB | 180 kB | 40/85 kB Progress (3): 134 kB | 180 kB | 44/85 kB Progress (3): 134 kB | 180 kB | 48/85 kB Progress (3): 134 kB | 180 kB | 53/85 kB Progress (3): 134 kB | 180 kB | 57/85 kB Progress (3): 134 kB | 180 kB | 61/85 kB Progress (3): 134 kB | 180 kB | 65/85 kB Progress (3): 134 kB | 180 kB | 69/85 kB Progress (3): 134 kB | 180 kB | 73/85 kB Progress (3): 134 kB | 180 kB | 77/85 kB Progress (3): 134 kB | 180 kB | 81/85 kB Progress (3): 134 kB | 180 kB | 85 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.jar (134 kB at 453 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar Progress (3): 180 kB | 85 kB | 3.3/4.6 kB Progress (3): 180 kB | 85 kB | 4.6 kB Progress (4): 180 kB | 85 kB | 4.6 kB | 0/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Progress (4): 180 kB | 85 kB | 4.6 kB | 0.1/2.6 MB Downloaded from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.jar (180 kB at 581 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.2/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.3/2.6 MB Progress (3): 85 kB | 4.6 kB | 0.4/2.6 MB Progress (4): 85 kB | 4.6 kB | 0.4/2.6 MB | 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.jar (85 kB at 270 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar Progress (3): 4.6 kB | 0.4/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.4/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.4/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.4/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.4/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.5/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.6/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.7/2.6 MB | 2.2 kB Progress (3): 4.6 kB | 0.7/2.6 MB | 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar (4.6 kB at 14 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar Progress (2): 0.7/2.6 MB | 2.2 kB Progress (2): 0.7/2.6 MB | 2.2 kB Progress (2): 0.7/2.6 MB | 2.2 kB Progress (2): 0.7/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.8/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 0.9/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.0/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.1/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.2/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.3/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.4/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.5/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.6/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.7/2.6 MB | 2.2 kB Progress (2): 1.8/2.6 MB | 2.2 kB Progress (2): 1.8/2.6 MB | 2.2 kB Progress (2): 1.8/2.6 MB | 2.2 kB Progress (2): 1.8/2.6 MB | 2.2 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 4.1/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 4.1/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 7.7/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 7.7/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 12/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 16/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 16/20 kB Progress (3): 1.8/2.6 MB | 2.2 kB | 20 kB Progress (3): 1.9/2.6 MB | 2.2 kB | 20 kB Progress (3): 1.9/2.6 MB | 2.2 kB | 20 kB Progress (3): 1.9/2.6 MB | 2.2 kB | 20 kB Progress (3): 1.9/2.6 MB | 2.2 kB | 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar (2.2 kB at 6.6 kB/s) Progress (2): 1.9/2.6 MB | 20 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar Progress (2): 1.9/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.0/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.1/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.2/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.3/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.4/2.6 MB | 20 kB Progress (2): 2.5/2.6 MB | 20 kB Progress (3): 2.5/2.6 MB | 20 kB | 4.1/14 kB Progress (3): 2.5/2.6 MB | 20 kB | 4.1/14 kB Progress (3): 2.5/2.6 MB | 20 kB | 7.7/14 kB Progress (3): 2.5/2.6 MB | 20 kB | 12/14 kB Progress (3): 2.5/2.6 MB | 20 kB | 14 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 4.1/5.9 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 4.1/5.9 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.5/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6/2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (4): 2.6 MB | 20 kB | 14 kB | 5.9 kB Progress (5): 2.6 MB | 20 kB | 14 kB | 5.9 kB | 4.1/8.8 kB Progress (5): 2.6 MB | 20 kB | 14 kB | 5.9 kB | 7.7/8.8 kB Progress (5): 2.6 MB | 20 kB | 14 kB | 5.9 kB | 8.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.jar (2.6 MB at 7.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.jar Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar (20 kB at 56 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar (5.9 kB at 16 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar (8.8 kB at 24 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar (14 kB at 38 kB/s) Progress (1): 4.1/500 kB Progress (1): 7.7/500 kB Progress (1): 12/500 kB Progress (1): 16/500 kB Progress (1): 20/500 kB Progress (1): 24/500 kB Progress (1): 28/500 kB Progress (1): 32/500 kB Progress (1): 36/500 kB Progress (1): 40/500 kB Progress (1): 44/500 kB Progress (1): 48/500 kB Progress (1): 53/500 kB Progress (1): 57/500 kB Progress (1): 61/500 kB Progress (1): 65/500 kB Progress (1): 69/500 kB Progress (1): 73/500 kB Progress (1): 77/500 kB Progress (1): 81/500 kB Progress (1): 85/500 kB Progress (1): 89/500 kB Progress (1): 93/500 kB Progress (1): 98/500 kB Progress (1): 102/500 kB Progress (1): 106/500 kB Progress (1): 110/500 kB Progress (1): 114/500 kB Progress (1): 118/500 kB Progress (1): 122/500 kB Progress (1): 126/500 kB Progress (1): 130/500 kB Progress (1): 134/500 kB Progress (1): 139/500 kB Progress (1): 143/500 kB Progress (1): 147/500 kB Progress (1): 151/500 kB Progress (1): 155/500 kB Progress (1): 159/500 kB Progress (1): 163/500 kB Progress (1): 167/500 kB Progress (1): 171/500 kB Progress (1): 175/500 kB Progress (1): 179/500 kB Progress (1): 184/500 kB Progress (1): 188/500 kB Progress (1): 192/500 kB Progress (1): 196/500 kB Progress (1): 200/500 kB Progress (1): 204/500 kB Progress (1): 208/500 kB Progress (1): 212/500 kB Progress (1): 216/500 kB Progress (1): 220/500 kB Progress (1): 225/500 kB Progress (1): 229/500 kB Progress (1): 233/500 kB Progress (1): 237/500 kB Progress (1): 241/500 kB Progress (1): 245/500 kB Progress (1): 249/500 kB Progress (1): 253/500 kB Progress (1): 257/500 kB Progress (1): 261/500 kB Progress (1): 265/500 kB Progress (1): 270/500 kB Progress (1): 274/500 kB Progress (1): 278/500 kB Progress (1): 282/500 kB Progress (1): 286/500 kB Progress (1): 290/500 kB Progress (1): 294/500 kB Progress (1): 298/500 kB Progress (1): 302/500 kB Progress (1): 306/500 kB Progress (1): 311/500 kB Progress (1): 315/500 kB Progress (1): 319/500 kB Progress (1): 323/500 kB Progress (1): 327/500 kB Progress (1): 331/500 kB Progress (1): 335/500 kB Progress (1): 339/500 kB Progress (1): 343/500 kB Progress (1): 347/500 kB Progress (1): 352/500 kB Progress (1): 356/500 kB Progress (1): 360/500 kB Progress (1): 364/500 kB Progress (1): 368/500 kB Progress (1): 372/500 kB Progress (1): 376/500 kB Progress (1): 380/500 kB Progress (1): 384/500 kB Progress (1): 388/500 kB Progress (1): 392/500 kB Progress (1): 397/500 kB Progress (1): 401/500 kB Progress (1): 405/500 kB Progress (1): 409/500 kB Progress (1): 413/500 kB Progress (1): 417/500 kB Progress (1): 421/500 kB Progress (1): 425/500 kB Progress (1): 429/500 kB Progress (1): 433/500 kB Progress (1): 438/500 kB Progress (1): 442/500 kB Progress (1): 446/500 kB Progress (1): 450/500 kB Progress (1): 454/500 kB Progress (1): 458/500 kB Progress (1): 462/500 kB Progress (1): 466/500 kB Progress (1): 470/500 kB Progress (1): 474/500 kB Progress (1): 478/500 kB Progress (1): 483/500 kB Progress (1): 487/500 kB Progress (1): 491/500 kB Progress (1): 495/500 kB Progress (1): 499/500 kB Progress (1): 500 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.jar (500 kB at 1.3 MB/s) [INFO] Including io.github.stuartwdouglas.hacbs-test.simple:simple-jdk17:jar:0.1.2 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.shaded:shaded-jdk11:jar:1.9 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.simple:simple-jdk8:jar:1.2.4 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.gradle:hacbs-test-simple-gradle-jdk8:jar:1.1 in the shaded jar. [WARNING] hacbs-test-simple-gradle-jdk8-1.1.jar, hacbs-test.jar, shaded-jdk11-1.9.jar, simple-jdk17-0.1.2.jar, simple-jdk8-1.2.4.jar define 1 overlapping resource: [WARNING] - META-INF/MANIFEST.MF [WARNING] shaded-jdk11-1.9.jar, simple-jdk8-1.2.4.jar define 3 overlapping classes and resources: [WARNING] - META-INF/maven/io.github.stuartwdouglas.hacbs-test.simple/simple-jdk8/pom.properties [WARNING] - META-INF/maven/io.github.stuartwdouglas.hacbs-test.simple/simple-jdk8/pom.xml [WARNING] - io.github.stuartwdouglas.hacbstest.simple.simplejdk8.Placeholder [WARNING] maven-shade-plugin has detected that some class files are [WARNING] present in two or more JARs. When this happens, only one [WARNING] single version of the class is copied to the uber jar. [WARNING] Usually this is not harmful and you can skip these warnings, [WARNING] otherwise try to manually exclude artifacts based on [WARNING] mvn dependency:tree -Ddetail=true and the above output. [WARNING] See http://maven.apache.org/plugins/maven-shade-plugin/ [INFO] Replacing original artifact with shaded artifact. [INFO] Replacing /work/target/hacbs-test.jar with /work/target/simple-java-project-1.0-SNAPSHOT-shaded.jar [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 23.419 s [INFO] Finished at: 2026-04-19T13:54:52Z [INFO] ------------------------------------------------------------------------ [2/2] STEP 1/10: FROM registry.access.redhat.com/ubi8/openjdk-17-runtime:1.23 [2/2] STEP 2/10: USER 185 [2/2] STEP 3/10: WORKDIR /work/ [2/2] STEP 4/10: COPY --from=builder /work/target/hacbs-test.jar /deployments [2/2] STEP 5/10: EXPOSE 8081 [2/2] STEP 6/10: ENV AB_JOLOKIA_OFF="" [2/2] STEP 7/10: ENV JAVA_APP_JAR="/deployments/hacbs-test.jar" [2/2] STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json [2/2] STEP 9/10: COPY labels.json /root/buildinfo/labels.json [2/2] STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="1dc6580ea2177581106ef7a7bc3a5373b5412958" "org.opencontainers.image.revision"="1dc6580ea2177581106ef7a7bc3a5373b5412958" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo" "build-date"="2026-04-19T13:54:02Z" "org.opencontainers.image.created"="2026-04-19T13:54:02Z" [2/2] COMMIT quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 --> 477faa991965 Successfully tagged quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 477faa9919655f645592ba9c127d3c87b3f7a6c272cbdcb63f0593da7cb8f054 [2026-04-19T13:54:54,142232024+00:00] Unsetting proxy [2026-04-19T13:54:54,143457076+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi8/openjdk-17:1.23 registry.access.redhat.com/ubi8/openjdk-17:1.23@sha256:6e6e98401043d71da4c926b39f81212e3706b217cafc4486a021d8fd70942a2c registry.access.redhat.com/ubi8/openjdk-17-runtime:1.23 registry.access.redhat.com/ubi8/openjdk-17-runtime:1.23@sha256:16c9eb408282e44fa73ca965e1c17985a918e547e3e93ab361377b26358ac998 Getting image source signatures Copying blob sha256:d02ad0be35fee22b3f64a3fd06d0c2706975b6cebff156e618d8a733b6b65bb1 Copying blob sha256:731ab6a4578231c25989402ed2e317a416e5cc5470b94e3bd903ded3688705ac Copying blob sha256:90168dace6ac682b637f792ee2ace5eb28ab551affc91d45ba799bcd18295421 Copying config sha256:477faa9919655f645592ba9c127d3c87b3f7a6c272cbdcb63f0593da7cb8f054 Writing manifest to image destination [2026-04-19T13:54:57,984778645+00:00] End build pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-push: [2026-04-19T13:54:58,501389250+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2026-04-19T13:55:01,300482805+00:00] Convert image [2026-04-19T13:55:01,301827995+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:konflux-demo-component-kcal-on-push-f7qsx-build-container [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 docker://quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:konflux-demo-component-kcal-on-push-f7qsx-build-container Getting image source signatures Copying blob sha256:d02ad0be35fee22b3f64a3fd06d0c2706975b6cebff156e618d8a733b6b65bb1 Copying blob sha256:90168dace6ac682b637f792ee2ace5eb28ab551affc91d45ba799bcd18295421 Copying blob sha256:731ab6a4578231c25989402ed2e317a416e5cc5470b94e3bd903ded3688705ac Copying config sha256:477faa9919655f645592ba9c127d3c87b3f7a6c272cbdcb63f0593da7cb8f054 Writing manifest to image destination [2026-04-19T13:55:40,688284852+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 [retry] executing: buildah push --format=docker --retry 3 --tls-verify=true --digestfile /var/workdir/image-digest quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 docker://quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Getting image source signatures Copying blob sha256:d02ad0be35fee22b3f64a3fd06d0c2706975b6cebff156e618d8a733b6b65bb1 Copying blob sha256:90168dace6ac682b637f792ee2ace5eb28ab551affc91d45ba799bcd18295421 Copying blob sha256:731ab6a4578231c25989402ed2e317a416e5cc5470b94e3bd903ded3688705ac Copying config sha256:477faa9919655f645592ba9c127d3c87b3f7a6c272cbdcb63f0593da7cb8f054 Writing manifest to image destination sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 [retry] executing: kubectl get configmap cluster-config -n konflux-info -o json Keyless signing is disabled (none of rekorInternalUrl, fulcioInternalUrl, defaultOIDCIssuer, tufInternalUrl are configured in the konflux-info/cluster-config configmap) [2026-04-19T13:55:42,210844289+00:00] End push pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-sbom-syft-generate: [2026-04-19T13:55:42,690440668+00:00] Generate SBOM Running syft on the image Running syft on the source code [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) [2026-04-19T13:55:51,615207442+00:00] End sbom-syft-generate pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-prepare-sboms: [2026-04-19T13:55:51,859565556+00:00] Prepare SBOM [2026-04-19T13:55:51,863445029+00:00] Generate SBOM with mobster Skipping SBOM validation 2026-04-19 13:55:53,052 [INFO] mobster.log: Logging level set to 20 2026-04-19 13:55:53,142 [INFO] mobster.oci: Fetching manifest for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:16c9eb408282e44fa73ca965e1c17985a918e547e3e93ab361377b26358ac998 2026-04-19 13:55:53,705 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://spdx.dev/Document' found\nerror during command execution: no attestations with predicate type 'https://spdx.dev/Document' found\n" 2026-04-19 13:55:53,971 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://cyclonedx.org/bom' found\nerror during command execution: no attestations with predicate type 'https://cyclonedx.org/bom' found\n" 2026-04-19 13:55:54,350 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://spdx.dev/Document' found\nerror during command execution: no attestations with predicate type 'https://spdx.dev/Document' found\n" 2026-04-19 13:55:54,660 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://cyclonedx.org/bom' found\nerror during command execution: no attestations with predicate type 'https://cyclonedx.org/bom' found\n" 2026-04-19 13:55:55,165 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://spdx.dev/Document' found\nerror during command execution: no attestations with predicate type 'https://spdx.dev/Document' found\n" 2026-04-19 13:55:55,450 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://cyclonedx.org/bom' found\nerror during command execution: no attestations with predicate type 'https://cyclonedx.org/bom' found\n" 2026-04-19 13:55:55,997 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type spdxjson failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://spdx.dev/Document' found\nerror during command execution: no attestations with predicate type 'https://spdx.dev/Document' found\n" 2026-04-19 13:55:56,207 [WARNING] mobster.oci.cosign.anonymous_fetcher: Cosign fetching attestation of type cyclonedx failed for registry.access.redhat.com/ubi8/openjdk-17-runtime@sha256:83d4edae6b3967e539ef4ec566e3bb865a84506a6a1fe7e4770320da72e56dbb with output b"Error: no attestations with predicate type 'https://cyclonedx.org/bom' found\nerror during command execution: no attestations with predicate type 'https://cyclonedx.org/bom' found\n" 2026-04-19 13:55:56,208 [INFO] mobster.cmd.generate.oci_image.contextual_sbom.contextualize: Contextual mechanism won't be used, there is no parent image SBOM. 2026-04-19 13:55:56,208 [INFO] mobster.cmd.generate.oci_image: Contextual SBOM workflow finished successfully. 2026-04-19 13:55:56,208 [INFO] mobster.log: Contextual workflow completed in 3.09s 2026-04-19 13:55:56,247 [INFO] mobster.main: Exiting with code 0. [2026-04-19T13:55:56,324614682+00:00] End prepare-sboms pod: konflux-demo-component-kcal-on-push-f7qsx-build-container-pod | container step-upload-sbom: [2026-04-19T13:55:57,004817623+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Pushing sbom to registry [retry] executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Attaching SBOMs this way does not sign them. To sign them, use 'cosign attest --predicate sbom.json --key <key path>'. Uploading SBOM file for [quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625] to [quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:sha256-f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625.sbom] with mediaType [text/spdx+json]. quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:06d1af9e3437b2f14c56ff431813a7abbe37521bb9782c294d310318c45717c7 [2026-04-19T13:56:00,815730849+00:00] End upload-sbom pod: konflux-demo-component-kcal-on-push-f7qsx-build-image-index-pod | init container: prepare 2026/04/19 13:56:11 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-build-image-index-pod | init container: place-scripts 2026/04/19 13:56:12 Decoded script /tekton/scripts/script-0-qm8q7 2026/04/19 13:56:12 Decoded script /tekton/scripts/script-1-8g5dm 2026/04/19 13:56:12 Decoded script /tekton/scripts/script-2-vgtz7 pod: konflux-demo-component-kcal-on-push-f7qsx-build-image-index-pod | container step-build: [2026-04-19T13:56:22,767437359+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Running konflux-build-cli time="2026-04-19T13:56:25Z" level=info msg="[param] image: quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958" time="2026-04-19T13:56:25Z" level=info msg="[param] images: [quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625]" time="2026-04-19T13:56:25Z" level=info msg="[param] buildah-format: docker" time="2026-04-19T13:56:25Z" level=info msg="[param] always-build-index: false" time="2026-04-19T13:56:25Z" level=info msg="[param] additional-tags: [konflux-demo-component-kcal-on-push-f7qsx-build-image-index]" time="2026-04-19T13:56:25Z" level=info msg="[param] output-manifest-path: /index-build-data/manifest_data.json" time="2026-04-19T13:56:25Z" level=info msg="[param] result-path-image-digest: /tekton/results/IMAGE_DIGEST" time="2026-04-19T13:56:25Z" level=info msg="[param] result-path-image-url: /tekton/results/IMAGE_URL" time="2026-04-19T13:56:25Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:56:25Z" level=info msg="[param] result-path-images: /tekton/results/IMAGES" time="2026-04-19T13:56:25Z" level=info msg="Creating manifest list: quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958" time="2026-04-19T13:56:25Z" level=info msg="buildah [stdout] 253b1ff2bf5fc7ff783737e040a30861883fd20e0353a7408737fd071a868274" logger=CliExecutor time="2026-04-19T13:56:25Z" level=info msg="Skipping image index generation. Returning results for single image." {"image_digest":"sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625","image_url":"quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958","image_ref":"quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625","images":"quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625"} pod: konflux-demo-component-kcal-on-push-f7qsx-build-image-index-pod | container step-create-sbom: The manifest_data.json file does not exist. Skipping the SBOM creation... pod: konflux-demo-component-kcal-on-push-f7qsx-build-image-index-pod | container step-upload-sbom: [2026-04-19T13:56:26,273140088+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' The index.spdx.json file does not exists. Skipping the SBOM upload... pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | init container: prepare 2026/04/19 14:00:13 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | init container: place-scripts 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-0-z7v25 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-1-48vvz 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-2-pd5pr 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-3-hlknf pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625. pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... �[90m2026-04-19T14:00:17Z�[0m �[32mINF�[0m �[1mmatchers created�[0m �[36mcomponent=�[0mlibvuln/New �[36mmatchers=�[0m[{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"}] �[90m2026-04-19T14:00:17Z�[0m �[32mINF�[0m �[1mlibvuln initialized�[0m �[36mcomponent=�[0mlibvuln/New �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mregistered configured scanners�[0m �[36mcomponent=�[0mlibindex/New �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mNewLayerScanner: constructing a new layer-scanner�[0m �[36mcomponent=�[0mindexer.NewLayerScanner �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mindex request start�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mstarting scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mmanifest to be scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mCheckManifest �[90m2026-04-19T14:00:18Z�[0m �[32mINF�[0m �[1mlayers fetch start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mFetchLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mlayers fetch success�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mFetchLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mlayers fetch done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mFetchLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mlayers scan start�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mScanLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mfound buildinfo Dockerfile�[0m �[36mcomponent=�[0mrhel/rhcc/scanner.Scan �[36mkind=�[0mpackage �[36mlayer=�[0msha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2 �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mpath=�[0mroot/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406 �[36mscanner=�[0mrhel_containerscanner �[36mstate=�[0mScanLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mskipping jar�[0m �[36mcomponent=�[0mjava/Scanner.Scan �[36mfile=�[0musr/lib/jvm/java-17-openjdk-17.0.18.0.8-1.el8.x86_64/lib/jrt-fs.jar �[36mkind=�[0mpackage �[36mlayer=�[0msha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2 �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mreason=�[0m"jar: unidentified jar: jrt-fs.jar" �[36mscanner=�[0mjava �[36mstate=�[0mScanLayers �[36mversion=�[0m6 �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mlayers scan done�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mScanLayers �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mstarting index manifest�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mIndexManifest �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mfinishing scan�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mIndexFinished �[90m2026-04-19T14:00:20Z�[0m �[32mINF�[0m �[1mmanifest successfully scanned�[0m �[36mcomponent=�[0mindexer/controller/Controller.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 �[36mstate=�[0mIndexFinished �[90m2026-04-19T14:00:21Z�[0m �[32mINF�[0m �[1mindex request done�[0m �[36mcomponent=�[0mlibindex/Libindex.Index �[36mmanifest=�[0msha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 { "manifest_hash": "sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625", "packages": { "+XM+s3niWaEk1U5jnR5DpA==": { "id": "+XM+s3niWaEk1U5jnR5DpA==", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+Xr7HyTxXf0c8jLaUyo3xA==": { "id": "+Xr7HyTxXf0c8jLaUyo3xA==", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+hvIC0Et/RtHi7EAFCmfEw==": { "id": "+hvIC0Et/RtHi7EAFCmfEw==", "name": "file-libs", "version": "5.33-27.el8_10", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.33-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+qrxjVH7Im8eBfrz4h4P/w==": { "id": "+qrxjVH7Im8eBfrz4h4P/w==", "name": "shadow-utils", "version": "2:4.6-23.el8_10", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.6-23.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/ji9IJ9FfNcwqVRbMWZshQ==": { "id": "/ji9IJ9FfNcwqVRbMWZshQ==", "name": "nss-softokn-freebl", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0+9x6aIRcNDCM7R94cpzew==": { "id": "0+9x6aIRcNDCM7R94cpzew==", "name": "java-17-openjdk-headless", "version": "1:17.0.18.0.8-1.el8", "kind": "binary", "source": { "id": "", "name": "java-17-openjdk", "version": "17.0.18.0.8-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1gormAsAjMuks2JveQRd0Q==": { "id": "1gormAsAjMuks2JveQRd0Q==", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "22yBCZl99yVP86UHT7jTdw==": { "id": "22yBCZl99yVP86UHT7jTdw==", "name": "tzdata", "version": "2026a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "2PBlaOceApWEi634ZUHO/g==": { "id": "2PBlaOceApWEi634ZUHO/g==", "name": "platform-python", "version": "3.6.8-75.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-75.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3+d+oaGDGj9g2+1RFZjY5A==": { "id": "3+d+oaGDGj9g2+1RFZjY5A==", "name": "gmp", "version": "1:6.1.2-11.el8", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.1.2-11.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3OVNevSm98h4f1fmX4IZwQ==": { "id": "3OVNevSm98h4f1fmX4IZwQ==", "name": "org.example:simple-java-project", "version": "1.0-SNAPSHOT", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "3jI2apoRMNGhHa141Q5dlQ==": { "id": "3jI2apoRMNGhHa141Q5dlQ==", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3uSX4NgBxQvC8LEk48QoOQ==": { "id": "3uSX4NgBxQvC8LEk48QoOQ==", "name": "cyrus-sasl-lib", "version": "2.1.27-6.el8_5", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-6.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "45rvgYmy022Tx6fVWfking==": { "id": "45rvgYmy022Tx6fVWfking==", "name": "publicsuffix-list-dafsa", "version": "20180723-1.el8", "kind": "binary", "source": { "id": "", "name": "publicsuffix-list", "version": "20180723-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "47OMpR7yEmE4lttsyWq3fw==": { "id": "47OMpR7yEmE4lttsyWq3fw==", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4ZgMXaHDWnwPnqKlcJzEIw==": { "id": "4ZgMXaHDWnwPnqKlcJzEIw==", "name": "krb5-libs", "version": "1.18.2-32.el8_10", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.2-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4flTdmUV4iK1Ax+LXJm8qQ==": { "id": "4flTdmUV4iK1Ax+LXJm8qQ==", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4sG4bBloak5Sz907ZDRs6Q==": { "id": "4sG4bBloak5Sz907ZDRs6Q==", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "binary", "source": { "id": "", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4uQuJg+li+gGAwnGRDcs+w==": { "id": "4uQuJg+li+gGAwnGRDcs+w==", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5U8sNbKx0xZsaHcVt4MmxA==": { "id": "5U8sNbKx0xZsaHcVt4MmxA==", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "67DLnC895xbDFuD3MGhCtQ==": { "id": "67DLnC895xbDFuD3MGhCtQ==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk8", "version": "1.2.4", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "6KnijwRsfeerWmf5Zl8NWw==": { "id": "6KnijwRsfeerWmf5Zl8NWw==", "name": "sed", "version": "4.5-5.el8", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.5-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7eg89eCgA75bJ7WhhN/T4Q==": { "id": "7eg89eCgA75bJ7WhhN/T4Q==", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9uhqFNTCJ7/bpzSlc7qCaQ==": { "id": "9uhqFNTCJ7/bpzSlc7qCaQ==", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AIs6pmCup5N9+6Ag6e2/og==": { "id": "AIs6pmCup5N9+6Ag6e2/og==", "name": "openssl-libs", "version": "1:1.1.1k-15.el8_6", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1k-15.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AuC6XQzcU/5tB4luIfjLFg==": { "id": "AuC6XQzcU/5tB4luIfjLFg==", "name": "elfutils-libelf", "version": "0.190-2.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.190-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AziZ1oGI+oDXVPzldKNj+w==": { "id": "AziZ1oGI+oDXVPzldKNj+w==", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BPsD0kkdIoK3KQUZ5DpJjw==": { "id": "BPsD0kkdIoK3KQUZ5DpJjw==", "name": "dbus-libs", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BmK1zIjr5KsuOODCYwxRCw==": { "id": "BmK1zIjr5KsuOODCYwxRCw==", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "binary", "source": { "id": "", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CbqHQON08ZsUvPS9XDaTFA==": { "id": "CbqHQON08ZsUvPS9XDaTFA==", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Cklbj7Y2kf3vqxqc0m1GHQ==": { "id": "Cklbj7Y2kf3vqxqc0m1GHQ==", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "D/ASdBsgxLNlG5Q8U7UPsQ==": { "id": "D/ASdBsgxLNlG5Q8U7UPsQ==", "name": "rootfiles", "version": "8.1-22.el8", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "D9iJYSwBt2n6JCuuNo2fKg==": { "id": "D9iJYSwBt2n6JCuuNo2fKg==", "name": "audit-libs", "version": "3.1.2-1.el8_10.1", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.2-1.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DV119Dw0W4RdsbJkdoHU9w==": { "id": "DV119Dw0W4RdsbJkdoHU9w==", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DgyhtZBcSIlVmY6xC8s1mA==": { "id": "DgyhtZBcSIlVmY6xC8s1mA==", "name": "coreutils-single", "version": "8.30-17.el8_10", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.30-17.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EGfzPeF6a5hj9x4BwoN25A==": { "id": "EGfzPeF6a5hj9x4BwoN25A==", "name": "libcap", "version": "2.48-6.el8_9", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-6.el8_9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EiNiLT8ulizCzEWcybhizQ==": { "id": "EiNiLT8ulizCzEWcybhizQ==", "name": "lz4-libs", "version": "1.8.3-5.el8_10", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.8.3-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "F7AOP7tK5AfUXV1g9iTzFA==": { "id": "F7AOP7tK5AfUXV1g9iTzFA==", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FS5/DAbDsXWURU9onlACPA==": { "id": "FS5/DAbDsXWURU9onlACPA==", "name": "alsa-lib", "version": "1.2.10-2.el8", "kind": "binary", "source": { "id": "", "name": "alsa-lib", "version": "1.2.10-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G+gX+j4AbiCorxKiF1UojA==": { "id": "G+gX+j4AbiCorxKiF1UojA==", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GLKhGblbPbPbtDKwfpCv5A==": { "id": "GLKhGblbPbPbtDKwfpCv5A==", "name": "filesystem", "version": "3.8-6.el8", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.8-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Gg1Q6hponuT1eSJHwaJ83w==": { "id": "Gg1Q6hponuT1eSJHwaJ83w==", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HMIoZ/TKrKhxI1rD26qmpw==": { "id": "HMIoZ/TKrKhxI1rD26qmpw==", "name": "json-c", "version": "0.13.1-3.el8", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.13.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IzLcxZDtcvtJR5Gwdq9HDg==": { "id": "IzLcxZDtcvtJR5Gwdq9HDg==", "name": "libattr", "version": "2.4.48-3.el8", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.4.48-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "J34PJ2GThOWZuKVgFIoieA==": { "id": "J34PJ2GThOWZuKVgFIoieA==", "name": "zlib", "version": "1.2.11-25.el8", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-25.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JNDNKhJbFTSevs7EALfE9A==": { "id": "JNDNKhJbFTSevs7EALfE9A==", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JvPeDbC4IianXNphFOy9jw==": { "id": "JvPeDbC4IianXNphFOy9jw==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.23-4.1776047406", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "LXiVkIlXLq/usMYIwCTH8Q==": { "id": "LXiVkIlXLq/usMYIwCTH8Q==", "name": "libsmartcols", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "LkoLKEri5dIAb0vFMkSOag==": { "id": "LkoLKEri5dIAb0vFMkSOag==", "name": "glibc-common", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N1RbIRo2SyHosQefv+skDw==": { "id": "N1RbIRo2SyHosQefv+skDw==", "name": "gawk", "version": "4.2.1-4.el8", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "4.2.1-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N3ZaMrNJKoumMpaY0smlMQ==": { "id": "N3ZaMrNJKoumMpaY0smlMQ==", "name": "sqlite-libs", "version": "3.26.0-20.el8_10", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.26.0-20.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N5EuVcX6TPHBo7OPtax5uA==": { "id": "N5EuVcX6TPHBo7OPtax5uA==", "name": "crypto-policies-scripts", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NJbhst8VIOwst++ZzRP6tA==": { "id": "NJbhst8VIOwst++ZzRP6tA==", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NguWV8S6YQYvQsGQDJm2Rg==": { "id": "NguWV8S6YQYvQsGQDJm2Rg==", "name": "ncurses-base", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NsvPyDc//39XTuXcn3j2uQ==": { "id": "NsvPyDc//39XTuXcn3j2uQ==", "name": "gdbm", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ORsDK2A5479NPB0r01PoXQ==": { "id": "ORsDK2A5479NPB0r01PoXQ==", "name": "libcurl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Se4zJpr8ZUwZNUojfuzA==": { "id": "P5Se4zJpr8ZUwZNUojfuzA==", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "POPH5BJ/Q4Bfen05TT291g==": { "id": "POPH5BJ/Q4Bfen05TT291g==", "name": "nss-util", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Q0uPb/t/3IQ8GEwlv/J3Cw==": { "id": "Q0uPb/t/3IQ8GEwlv/J3Cw==", "name": "libmount", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QC6e3OaV78mjs678tGU2KQ==": { "id": "QC6e3OaV78mjs678tGU2KQ==", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QXEDMSZisv5SUXtJo7Fs5g==": { "id": "QXEDMSZisv5SUXtJo7Fs5g==", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RKXYZTbYgViwzC05uqeDSg==": { "id": "RKXYZTbYgViwzC05uqeDSg==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk17", "version": "0.1.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "RRWuvyUdhwGbBo2a/Ra1hw==": { "id": "RRWuvyUdhwGbBo2a/Ra1hw==", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RtrzwDgrQgu9S5B72s2sww==": { "id": "RtrzwDgrQgu9S5B72s2sww==", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TARQvmsLVC/S1fQD1jO4Xw==": { "id": "TARQvmsLVC/S1fQD1jO4Xw==", "name": "gdbm-libs", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "U3ZkYu9FoEzQITrVBlQtLA==": { "id": "U3ZkYu9FoEzQITrVBlQtLA==", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "USWNn71p+k059dbiu5HDEA==": { "id": "USWNn71p+k059dbiu5HDEA==", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "UUZyda9G/ffvF6rJ5W1UnQ==": { "id": "UUZyda9G/ffvF6rJ5W1UnQ==", "name": "libstdc++", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Vax934M9zGbzjdT3Y/XU9w==": { "id": "Vax934M9zGbzjdT3Y/XU9w==", "name": "glibc-minimal-langpack", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VrCmPwuY69qW5jl9ctxOZg==": { "id": "VrCmPwuY69qW5jl9ctxOZg==", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "W66WOQ3v6r7mSn6+o7gaew==": { "id": "W66WOQ3v6r7mSn6+o7gaew==", "name": "popt", "version": "1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Wq1n4jzKBPdL9z5l5HD99w==": { "id": "Wq1n4jzKBPdL9z5l5HD99w==", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "YjDcGmvP0/z8VqRiUvkhOQ==": { "id": "YjDcGmvP0/z8VqRiUvkhOQ==", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Za0y7YiKRidyIBZNIzq/Ng==": { "id": "Za0y7YiKRidyIBZNIzq/Ng==", "name": "librepo", "version": "1.14.2-5.el8", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.2-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ar0do80Wlk1FaVvtx66g6Q==": { "id": "ar0do80Wlk1FaVvtx66g6Q==", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "binary", "source": { "id": "", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "auI8KtI6OozP7EAIr9UlQQ==": { "id": "auI8KtI6OozP7EAIr9UlQQ==", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bWUdPEYmtshwdmuX5VapfQ==": { "id": "bWUdPEYmtshwdmuX5VapfQ==", "name": "libblkid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bmxL3lydQy0yU8g1iBgovg==": { "id": "bmxL3lydQy0yU8g1iBgovg==", "name": "libsepol", "version": "2.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "2.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "cXCMP7NdkMDf1+Rb1IEktQ==": { "id": "cXCMP7NdkMDf1+Rb1IEktQ==", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOBT1Qffq44NOVuk9chDyg==": { "id": "dOBT1Qffq44NOVuk9chDyg==", "name": "readline", "version": "7.0-10.el8", "kind": "binary", "source": { "id": "", "name": "readline", "version": "7.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOwQwVL1NxmF6ouACZklrQ==": { "id": "dOwQwVL1NxmF6ouACZklrQ==", "name": "p11-kit-trust", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dSjxsaDISLUiFwRTCSO8Tg==": { "id": "dSjxsaDISLUiFwRTCSO8Tg==", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "dtGaxafuhIU1Ppty914fJw==": { "id": "dtGaxafuhIU1Ppty914fJw==", "name": "nspr", "version": "4.36.0-2.el8_10", "kind": "binary", "source": { "id": "", "name": "nspr", "version": "4.36.0-2.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eZ7CwFvwDCQu4vzKyuIZgA==": { "id": "eZ7CwFvwDCQu4vzKyuIZgA==", "name": "basesystem", "version": "11-5.el8", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f/Al/eNlUhjEgKSV0J2z7w==": { "id": "f/Al/eNlUhjEgKSV0J2z7w==", "name": "python3-pip-wheel", "version": "9.0.3-24.el8", "kind": "binary", "source": { "id": "", "name": "python-pip", "version": "9.0.3-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f1lteJj1IxLDbDb+BI8yjg==": { "id": "f1lteJj1IxLDbDb+BI8yjg==", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "g146nKetkX1f4hfH1b5RWA==": { "id": "g146nKetkX1f4hfH1b5RWA==", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gMqsUnRclTj6iuxHCslNRA==": { "id": "gMqsUnRclTj6iuxHCslNRA==", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gOaN4treTmKK7tU+N6AZ1w==": { "id": "gOaN4treTmKK7tU+N6AZ1w==", "name": "pcre", "version": "8.42-6.el8", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.42-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gtbMsmX05ZWh+bkM1Wprlw==": { "id": "gtbMsmX05ZWh+bkM1Wprlw==", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "binary", "source": { "id": "", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "h53SWWmMQUh4cLyBmYeNvw==": { "id": "h53SWWmMQUh4cLyBmYeNvw==", "name": "avahi-libs", "version": "0.7-27.el8_10.1", "kind": "binary", "source": { "id": "", "name": "avahi", "version": "0.7-27.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hSTTMcRX1DBcXc+8jKeg3Q==": { "id": "hSTTMcRX1DBcXc+8jKeg3Q==", "name": "libgcc", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hcJqCsCpWm+XI9JT6ImS5g==": { "id": "hcJqCsCpWm+XI9JT6ImS5g==", "name": "nettle", "version": "3.4.1-7.el8", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.4.1-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "isPl2YxnCTfcLmUYH6Q0sA==": { "id": "isPl2YxnCTfcLmUYH6Q0sA==", "name": "libuuid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "j5YRt82iOHry4ndSyCLgaA==": { "id": "j5YRt82iOHry4ndSyCLgaA==", "name": "cups-libs", "version": "1:2.2.6-67.el8_10", "kind": "binary", "source": { "id": "", "name": "cups", "version": "2.2.6-67.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jSeaYCeiTMhbTniYmwK8dQ==": { "id": "jSeaYCeiTMhbTniYmwK8dQ==", "name": "python3-libs", "version": "3.6.8-75.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-75.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jmNxyfDM4IV/F4mrfNTfyg==": { "id": "jmNxyfDM4IV/F4mrfNTfyg==", "name": "setup", "version": "2.12.2-9.el8", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.12.2-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "jtdCxL/eH5JTPcKstKunJg==": { "id": "jtdCxL/eH5JTPcKstKunJg==", "name": "grep", "version": "3.1-6.el8", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k/BpvWmZ5EVfmiPqpZ3pGw==": { "id": "k/BpvWmZ5EVfmiPqpZ3pGw==", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k4gCNgIfg7MM/e42ThRx2w==": { "id": "k4gCNgIfg7MM/e42ThRx2w==", "name": "libzstd", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ka4b0+TZOGmroTz/rrRQcg==": { "id": "ka4b0+TZOGmroTz/rrRQcg==", "name": "nss-softokn", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kwc9NYOQig+qWs5qmBRL/w==": { "id": "kwc9NYOQig+qWs5qmBRL/w==", "name": "ncurses-libs", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lEFbOzBTlWwCqC/ZbjJfgQ==": { "id": "lEFbOzBTlWwCqC/ZbjJfgQ==", "name": "python3-setuptools-wheel", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lU0MYRg2dg5wynl2dMGsgA==": { "id": "lU0MYRg2dg5wynl2dMGsgA==", "name": "xz-libs", "version": "5.2.4-4.el8_6", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.4-4.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mAmp7BtGrfzV0HnAKw9sTw==": { "id": "mAmp7BtGrfzV0HnAKw9sTw==", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mLwCNKs2wEtLWAiibtR4BQ==": { "id": "mLwCNKs2wEtLWAiibtR4BQ==", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mkpeQMTn6iNiF+ShBe+oZg==": { "id": "mkpeQMTn6iNiF+ShBe+oZg==", "name": "libverto", "version": "0.3.2-2.el8", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mtrWxjnWyzrIFOuHVeUG6g==": { "id": "mtrWxjnWyzrIFOuHVeUG6g==", "name": "tar", "version": "2:1.30-11.el8_10", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.30-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nDtLoMnkuhspYDn7NZEcjw==": { "id": "nDtLoMnkuhspYDn7NZEcjw==", "name": "findutils", "version": "1:4.6.0-24.el8_10", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.6.0-24.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "o4v1nyEgxKUJdf78CSzLEg==": { "id": "o4v1nyEgxKUJdf78CSzLEg==", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oPxhGBL0xk+N4XwwxvflAQ==": { "id": "oPxhGBL0xk+N4XwwxvflAQ==", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oSDtB9GflLljTYeOAikyIQ==": { "id": "oSDtB9GflLljTYeOAikyIQ==", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "p9tXHgTBVU/b3sTnwfubzg==": { "id": "p9tXHgTBVU/b3sTnwfubzg==", "name": "libdb-utils", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pY2NT/GP1UxyOuAl2rKgCw==": { "id": "pY2NT/GP1UxyOuAl2rKgCw==", "name": "npth", "version": "1.5-4.el8", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.5-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "peUaHHW4E9Y6Nd8+gJR5cQ==": { "id": "peUaHHW4E9Y6Nd8+gJR5cQ==", "name": "libssh-config", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "pp9zZ0tBoevZ/s15eFRL8g==": { "id": "pp9zZ0tBoevZ/s15eFRL8g==", "name": "libacl", "version": "2.2.53-3.el8", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "q4X/5GGPJSNoqWY61ewdVA==": { "id": "q4X/5GGPJSNoqWY61ewdVA==", "name": "tzdata-java", "version": "2026a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "r23nOnTJvuvXzj0P21ldlw==": { "id": "r23nOnTJvuvXzj0P21ldlw==", "name": "rpm-libs", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rFsA2fU/SFo3JGOkxRURTQ==": { "id": "rFsA2fU/SFo3JGOkxRURTQ==", "name": "keyutils-libs", "version": "1.5.10-9.el8", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.5.10-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sMrsZHOrW8FfprPHZo6Jww==": { "id": "sMrsZHOrW8FfprPHZo6Jww==", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sUhkiUesE2DHTU1IF7t+tw==": { "id": "sUhkiUesE2DHTU1IF7t+tw==", "name": "platform-python-setuptools", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "trIX86+UkjuJsaeYfHvnYw==": { "id": "trIX86+UkjuJsaeYfHvnYw==", "name": "libnghttp2", "version": "1.33.0-6.el8_10.2", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.33.0-6.el8_10.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u25cfo+Wn6RpzVY/kgcoGQ==": { "id": "u25cfo+Wn6RpzVY/kgcoGQ==", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "binary", "source": { "id": "", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "uAJuv5cA4XPhcDfjrdFI9w==": { "id": "uAJuv5cA4XPhcDfjrdFI9w==", "name": "javapackages-filesystem", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "binary", "source": { "id": "", "name": "javapackages-tools", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "source", "normalized_version": "", "module": "javapackages-runtime:201801", "cpe": "" }, "normalized_version": "", "module": "javapackages-runtime:201801", "arch": "noarch", "cpe": "" }, "uCw7c1p0VzVV36rFL2/j4Q==": { "id": "uCw7c1p0VzVV36rFL2/j4Q==", "name": "bzip2-libs", "version": "1.0.6-28.el8_10", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.6-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v/KoDsdxOHqLHd7du8yyWQ==": { "id": "v/KoDsdxOHqLHd7du8yyWQ==", "name": "lua-libs", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v4V8PzD9YS+9p+1g+BPsfA==": { "id": "v4V8PzD9YS+9p+1g+BPsfA==", "name": "ubi8/openjdk-17-runtime", "version": "1.23-4.1776047406", "kind": "binary", "source": { "id": "JvPeDbC4IianXNphFOy9jw==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.23-4.1776047406", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "normalized_version": "rhctag:1.23.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "wQToP4WURQ4/A8LQU1k5kA==": { "id": "wQToP4WURQ4/A8LQU1k5kA==", "name": "langpacks-en", "version": "1.0-12.el8", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "1.0-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wiX2z3C4urSDsP+bIajgNg==": { "id": "wiX2z3C4urSDsP+bIajgNg==", "name": "io.github.stuartwdouglas.hacbs-test.shaded:shaded-jdk11", "version": "1.9", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "wpJmhjYJz5TYuh0mbRPs4Q==": { "id": "wpJmhjYJz5TYuh0mbRPs4Q==", "name": "info", "version": "6.5-7.el8", "kind": "binary", "source": { "id": "", "name": "texinfo", "version": "6.5-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xDLbw0lNdZ2pSj9R8k9t6A==": { "id": "xDLbw0lNdZ2pSj9R8k9t6A==", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "binary", "source": { "id": "", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "xTF9l16G3x26txeCsO9Bug==": { "id": "xTF9l16G3x26txeCsO9Bug==", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xY/gcEds28iVWCynxOCw9g==": { "id": "xY/gcEds28iVWCynxOCw9g==", "name": "libcom_err", "version": "1.45.6-7.el8_10", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.45.6-7.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xvIYCTeML23osZxD1kFItQ==": { "id": "xvIYCTeML23osZxD1kFItQ==", "name": "lua", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "y1KXv1Wa0o6q+5/jJ4FmmA==": { "id": "y1KXv1Wa0o6q+5/jJ4FmmA==", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yI01txXPQZENPfjF45L+Zw==": { "id": "yI01txXPQZENPfjF45L+Zw==", "name": "nss-sysinit", "version": "3.112.0-4.el8_10", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.112.0-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yX08xXm2MSxk7s6Ui2Z6BQ==": { "id": "yX08xXm2MSxk7s6Ui2Z6BQ==", "name": "systemd-libs", "version": "239-82.el8_10.15", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-82.el8_10.15", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zAReYdYoHUkp8wr8i3SW2g==": { "id": "zAReYdYoHUkp8wr8i3SW2g==", "name": "libffi", "version": "3.1-24.el8", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.1-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "76d24b18-4451-446c-90e0-8416e713e4e3": { "id": "76d24b18-4451-446c-90e0-8416e713e4e3", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "8", "version_code_name": "", "version_id": "8", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 8" } }, "repository": { "24786b2f-2bbc-4492-807a-ede084e208c9": { "id": "24786b2f-2bbc-4492-807a-ede084e208c9", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "3fdc4797-fd66-487e-949f-89714b333c7e": { "id": "3fdc4797-fd66-487e-949f-89714b333c7e", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "6f0fdba0-1fb4-41e3-8c1e-af2473051444": { "id": "6f0fdba0-1fb4-41e3-8c1e-af2473051444", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "d3216d8b-09f6-4149-9a37-cc012146e403": { "id": "d3216d8b-09f6-4149-9a37-cc012146e403", "name": "Red Hat Container Catalog", "uri": "https://catalog.redhat.com/software/containers/explore", "cpe": "" }, "eb9883d1-cc50-4e50-8135-aa87341fc643": { "id": "eb9883d1-cc50-4e50-8135-aa87341fc643", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "f9e07276-1e52-4af7-91c5-aea136805162": { "id": "f9e07276-1e52-4af7-91c5-aea136805162", "name": "maven", "uri": "https://repo1.maven.apache.org/maven2", "cpe": "" } }, "environments": { "+XM+s3niWaEk1U5jnR5DpA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "+Xr7HyTxXf0c8jLaUyo3xA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "+hvIC0Et/RtHi7EAFCmfEw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "+qrxjVH7Im8eBfrz4h4P/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "/ji9IJ9FfNcwqVRbMWZshQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "0+9x6aIRcNDCM7R94cpzew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "1gormAsAjMuks2JveQRd0Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "22yBCZl99yVP86UHT7jTdw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "2PBlaOceApWEi634ZUHO/g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "3+d+oaGDGj9g2+1RFZjY5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "3OVNevSm98h4f1fmX4IZwQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:1259408a0a2871c51e403e1a21beceac1a43f23eb316c58c28a20d4023d8611a", "distribution_id": "", "repository_ids": [ "f9e07276-1e52-4af7-91c5-aea136805162" ] } ], "3jI2apoRMNGhHa141Q5dlQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "3uSX4NgBxQvC8LEk48QoOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "45rvgYmy022Tx6fVWfking==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "47OMpR7yEmE4lttsyWq3fw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "4ZgMXaHDWnwPnqKlcJzEIw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "4sG4bBloak5Sz907ZDRs6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "4uQuJg+li+gGAwnGRDcs+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "5U8sNbKx0xZsaHcVt4MmxA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "67DLnC895xbDFuD3MGhCtQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:1259408a0a2871c51e403e1a21beceac1a43f23eb316c58c28a20d4023d8611a", "distribution_id": "", "repository_ids": [ "f9e07276-1e52-4af7-91c5-aea136805162" ] } ], "6KnijwRsfeerWmf5Zl8NWw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "7eg89eCgA75bJ7WhhN/T4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "AIs6pmCup5N9+6Ag6e2/og==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "AuC6XQzcU/5tB4luIfjLFg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "AziZ1oGI+oDXVPzldKNj+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "BmK1zIjr5KsuOODCYwxRCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "CbqHQON08ZsUvPS9XDaTFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "Cklbj7Y2kf3vqxqc0m1GHQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "D/ASdBsgxLNlG5Q8U7UPsQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "D9iJYSwBt2n6JCuuNo2fKg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "DV119Dw0W4RdsbJkdoHU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "DgyhtZBcSIlVmY6xC8s1mA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "EGfzPeF6a5hj9x4BwoN25A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "EiNiLT8ulizCzEWcybhizQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "F7AOP7tK5AfUXV1g9iTzFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "FS5/DAbDsXWURU9onlACPA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "G+gX+j4AbiCorxKiF1UojA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "GLKhGblbPbPbtDKwfpCv5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "Gg1Q6hponuT1eSJHwaJ83w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "HMIoZ/TKrKhxI1rD26qmpw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "IzLcxZDtcvtJR5Gwdq9HDg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "J34PJ2GThOWZuKVgFIoieA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "JNDNKhJbFTSevs7EALfE9A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "JvPeDbC4IianXNphFOy9jw==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": [ "d3216d8b-09f6-4149-9a37-cc012146e403", "d3216d8b-09f6-4149-9a37-cc012146e403" ] } ], "LXiVkIlXLq/usMYIwCTH8Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "LkoLKEri5dIAb0vFMkSOag==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "N1RbIRo2SyHosQefv+skDw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "N3ZaMrNJKoumMpaY0smlMQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "N5EuVcX6TPHBo7OPtax5uA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "NJbhst8VIOwst++ZzRP6tA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "NguWV8S6YQYvQsGQDJm2Rg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "NsvPyDc//39XTuXcn3j2uQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "ORsDK2A5479NPB0r01PoXQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "P5Se4zJpr8ZUwZNUojfuzA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "POPH5BJ/Q4Bfen05TT291g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "Q0uPb/t/3IQ8GEwlv/J3Cw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "QC6e3OaV78mjs678tGU2KQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "QXEDMSZisv5SUXtJo7Fs5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "RKXYZTbYgViwzC05uqeDSg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:1259408a0a2871c51e403e1a21beceac1a43f23eb316c58c28a20d4023d8611a", "distribution_id": "", "repository_ids": [ "f9e07276-1e52-4af7-91c5-aea136805162" ] } ], "RRWuvyUdhwGbBo2a/Ra1hw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "RtrzwDgrQgu9S5B72s2sww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "TARQvmsLVC/S1fQD1jO4Xw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "U3ZkYu9FoEzQITrVBlQtLA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "USWNn71p+k059dbiu5HDEA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "Vax934M9zGbzjdT3Y/XU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "VrCmPwuY69qW5jl9ctxOZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "W66WOQ3v6r7mSn6+o7gaew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "Wq1n4jzKBPdL9z5l5HD99w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "Za0y7YiKRidyIBZNIzq/Ng==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "ar0do80Wlk1FaVvtx66g6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "auI8KtI6OozP7EAIr9UlQQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "bWUdPEYmtshwdmuX5VapfQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "bmxL3lydQy0yU8g1iBgovg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "cXCMP7NdkMDf1+Rb1IEktQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "dOBT1Qffq44NOVuk9chDyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "dOwQwVL1NxmF6ouACZklrQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "dSjxsaDISLUiFwRTCSO8Tg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "dtGaxafuhIU1Ppty914fJw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "eZ7CwFvwDCQu4vzKyuIZgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "f/Al/eNlUhjEgKSV0J2z7w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "f1lteJj1IxLDbDb+BI8yjg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "g146nKetkX1f4hfH1b5RWA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "gMqsUnRclTj6iuxHCslNRA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "gOaN4treTmKK7tU+N6AZ1w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "gtbMsmX05ZWh+bkM1Wprlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "h53SWWmMQUh4cLyBmYeNvw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "hcJqCsCpWm+XI9JT6ImS5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "isPl2YxnCTfcLmUYH6Q0sA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "j5YRt82iOHry4ndSyCLgaA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "jSeaYCeiTMhbTniYmwK8dQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "jmNxyfDM4IV/F4mrfNTfyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "jtdCxL/eH5JTPcKstKunJg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "k4gCNgIfg7MM/e42ThRx2w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "ka4b0+TZOGmroTz/rrRQcg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "kwc9NYOQig+qWs5qmBRL/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "lEFbOzBTlWwCqC/ZbjJfgQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "lU0MYRg2dg5wynl2dMGsgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "mAmp7BtGrfzV0HnAKw9sTw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "mLwCNKs2wEtLWAiibtR4BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "mkpeQMTn6iNiF+ShBe+oZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "mtrWxjnWyzrIFOuHVeUG6g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "nDtLoMnkuhspYDn7NZEcjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "o4v1nyEgxKUJdf78CSzLEg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "oPxhGBL0xk+N4XwwxvflAQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "oSDtB9GflLljTYeOAikyIQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "p9tXHgTBVU/b3sTnwfubzg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "pY2NT/GP1UxyOuAl2rKgCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "pp9zZ0tBoevZ/s15eFRL8g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "q4X/5GGPJSNoqWY61ewdVA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "r23nOnTJvuvXzj0P21ldlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "rFsA2fU/SFo3JGOkxRURTQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "sMrsZHOrW8FfprPHZo6Jww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "sUhkiUesE2DHTU1IF7t+tw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "trIX86+UkjuJsaeYfHvnYw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "u25cfo+Wn6RpzVY/kgcoGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "uAJuv5cA4XPhcDfjrdFI9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "uCw7c1p0VzVV36rFL2/j4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "v/KoDsdxOHqLHd7du8yyWQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "v4V8PzD9YS+9p+1g+BPsfA==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.23-4.1776047406", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": [ "d3216d8b-09f6-4149-9a37-cc012146e403", "d3216d8b-09f6-4149-9a37-cc012146e403" ] } ], "wQToP4WURQ4/A8LQU1k5kA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "wiX2z3C4urSDsP+bIajgNg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:1259408a0a2871c51e403e1a21beceac1a43f23eb316c58c28a20d4023d8611a", "distribution_id": "", "repository_ids": [ "f9e07276-1e52-4af7-91c5-aea136805162" ] } ], "wpJmhjYJz5TYuh0mbRPs4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "xDLbw0lNdZ2pSj9R8k9t6A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "xTF9l16G3x26txeCsO9Bug==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "xY/gcEds28iVWCynxOCw9g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "xvIYCTeML23osZxD1kFItQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "yI01txXPQZENPfjF45L+Zw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:8d3eef592277c4f368304d2f9988a04513f3a3cf21a0cfdf9f0722a7e9faa2a2", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "eb9883d1-cc50-4e50-8135-aa87341fc643", "6f0fdba0-1fb4-41e3-8c1e-af2473051444" ] } ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ], "zAReYdYoHUkp8wr8i3SW2g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "", "repository_ids": null }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:aa62cc7304168fb37d0a24f7004a5509bd1eecc1789c65820c866eb23792edcd", "distribution_id": "76d24b18-4451-446c-90e0-8416e713e4e3", "repository_ids": [ "24786b2f-2bbc-4492-807a-ede084e208c9", "3fdc4797-fd66-487e-949f-89714b333c7e" ] } ] }, "vulnerabilities": { "+nHq7dak7Hkjcru/xpwzhQ==": { "id": "+nHq7dak7Hkjcru/xpwzhQ==", "updater": "rhel-vex", "name": "CVE-2020-12413", "description": "A flaw was found in Mozilla nss. A raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman(DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The highest threat from this vulnerability is to data confidentiality.", "issued": "2020-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-12413 https://bugzilla.redhat.com/show_bug.cgi?id=1877557 https://www.cve.org/CVERecord?id=CVE-2020-12413 https://nvd.nist.gov/vuln/detail/CVE-2020-12413 https://raccoon-attack.com/RacoonAttack.pdf https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-12413.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/1CYFiexnJcM7p4YrI/FVg==": { "id": "/1CYFiexnJcM7p4YrI/FVg==", "updater": "rhel-vex", "name": "CVE-2023-4504", "description": "A vulnerability was found in CUPS and libppd, where a failure to validate the length provided in an attacker-crafted PPD PostScript document can lead to a heap-based buffer overflow, causing a denial of service or, in some cases, execute arbitrary code, depending on how the application processes untrusted PPD files.", "issued": "2023-09-20T12:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4504 https://bugzilla.redhat.com/show_bug.cgi?id=2238509 https://www.cve.org/CVERecord?id=CVE-2023-4504 https://nvd.nist.gov/vuln/detail/CVE-2023-4504 https://takeonme.org/cves/CVE-2023-4504.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4504.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/QaL/BUIdoF2MAB/C1YiGQ==": { "id": "/QaL/BUIdoF2MAB/C1YiGQ==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json https://access.redhat.com/errata/RHSA-2026:8534", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.3.3-7.el8_10", "arch_op": "pattern match" }, "0QzoXQSqkKieJ7Oc+px0JA==": { "id": "0QzoXQSqkKieJ7Oc+px0JA==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0WTD6ZUY2Zj2w0R3oyPWRw==": { "id": "0WTD6ZUY2Zj2w0R3oyPWRw==", "updater": "rhel-vex", "name": "CVE-2026-34980", "description": "A flaw was found in OpenPrinting CUPS. An unauthorized client can exploit this vulnerability by sending a specially crafted print job to a shared PostScript queue without authentication. The server improperly handles the `page-border` value, allowing an attacker to embed and reparse malicious text as a trusted scheduler control record. This can lead to arbitrary code execution with the privileges of the 'lp' user, potentially compromising the affected system.", "issued": "2026-04-03T21:18:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34980 https://bugzilla.redhat.com/show_bug.cgi?id=2454954 https://www.cve.org/CVERecord?id=CVE-2026-34980 https://nvd.nist.gov/vuln/detail/CVE-2026-34980 https://github.com/OpenPrinting/cups/security/advisories/GHSA-4852-v58g-6cwf https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34980.json", "severity": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0fCtWwB6iclgRvIA+IqiJQ==": { "id": "0fCtWwB6iclgRvIA+IqiJQ==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0nQ3GJDLY22M176Z5ESg6A==": { "id": "0nQ3GJDLY22M176Z5ESg6A==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1lUHOMB3ANHGWpqCBv9Ynw==": { "id": "1lUHOMB3ANHGWpqCBv9Ynw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1vG4ZYIu07BTj9XJ+a+P9Q==": { "id": "1vG4ZYIu07BTj9XJ+a+P9Q==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "29qrZyz+fmdn9Nzjpl2/Pg==": { "id": "29qrZyz+fmdn9Nzjpl2/Pg==", "updater": "rhel-vex", "name": "CVE-2026-22693", "description": "A null pointer dereference vector has been discovered in the harfbuzz package. A null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh:1672-1673. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault.", "issued": "2026-01-10T05:53:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22693 https://bugzilla.redhat.com/show_bug.cgi?id=2428439 https://www.cve.org/CVERecord?id=CVE-2026-22693 https://nvd.nist.gov/vuln/detail/CVE-2026-22693 https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22693.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2U8ppg+02PjFDuM5YqFstQ==": { "id": "2U8ppg+02PjFDuM5YqFstQ==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3IgZDz5UYkhu/U1/4kSWKg==": { "id": "3IgZDz5UYkhu/U1/4kSWKg==", "updater": "rhel-vex", "name": "CVE-2021-25317", "description": "It was found that some Linux vendors may assign the ownership of the /var/log/cups directory to the `lp` user. This could allow an attacker with such privileges to create empty files in arbitrary locations, or to force arbitrary files to be opened and closed, using a symlink attack. This has a low impact on the integrity of the system.", "issued": "2021-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-25317 https://bugzilla.redhat.com/show_bug.cgi?id=1949119 https://www.cve.org/CVERecord?id=CVE-2021-25317 https://nvd.nist.gov/vuln/detail/CVE-2021-25317 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-25317.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3O4IzHXnRQMZXCe1gYATvw==": { "id": "3O4IzHXnRQMZXCe1gYATvw==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "4/mftydHpy90Umw3G0mTuQ==": { "id": "4/mftydHpy90Umw3G0mTuQ==", "updater": "rhel-vex", "name": "CVE-2018-1000879", "description": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000879 https://bugzilla.redhat.com/show_bug.cgi?id=1663890 https://www.cve.org/CVERecord?id=CVE-2018-1000879 https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000879.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5B1tQ2BK8z/YjRkYcvwqag==": { "id": "5B1tQ2BK8z/YjRkYcvwqag==", "updater": "rhel-vex", "name": "CVE-2019-19244", "description": "A flaw was found in the way SQLite handled certain types of SQL queries using DISTINCT, OVER and ORDER BY clauses. A remote attacker could exploit this flaw by providing a malicious SQL query that, when processed by an application linked to SQLite, would crash the application causing a denial of service.", "issued": "2019-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-19244 https://bugzilla.redhat.com/show_bug.cgi?id=1777945 https://www.cve.org/CVERecord?id=CVE-2019-19244 https://nvd.nist.gov/vuln/detail/CVE-2019-19244 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-19244.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5ZHvcDYhgzWjwNpRgF2u1w==": { "id": "5ZHvcDYhgzWjwNpRgF2u1w==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "673FKazcUiydbfN5c6amaw==": { "id": "673FKazcUiydbfN5c6amaw==", "updater": "rhel-vex", "name": "CVE-2020-19190", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19190 https://bugzilla.redhat.com/show_bug.cgi?id=2234923 https://www.cve.org/CVERecord?id=CVE-2020-19190 https://nvd.nist.gov/vuln/detail/CVE-2020-19190 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19190.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6Cqvzp5JbuVfHsuYnIJNFw==": { "id": "6Cqvzp5JbuVfHsuYnIJNFw==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6FQUI3OxX4C5skWXKgq80Q==": { "id": "6FQUI3OxX4C5skWXKgq80Q==", "updater": "rhel-vex", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial of service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or calling the X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/show_bug.cgi?id=2181082 https://www.cve.org/CVERecord?id=CVE-2023-0464 https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://www.openssl.org/news/secadv/20230322.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0464.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6Xr5PbPGSy+aHLDQ9q4L9w==": { "id": "6Xr5PbPGSy+aHLDQ9q4L9w==", "updater": "rhel-vex", "name": "CVE-2026-1502", "description": "A flaw was found in Python. This vulnerability allows for the injection of extra information into HTTP communication. Specifically, the system does not properly prevent special characters (carriage return and line feed) from being included in HTTP client proxy tunnel headers or host fields.", "issued": "2026-04-10T17:54:44Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1502 https://bugzilla.redhat.com/show_bug.cgi?id=2457409 https://www.cve.org/CVERecord?id=CVE-2026-1502 https://nvd.nist.gov/vuln/detail/CVE-2026-1502 https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef69 https://github.com/python/cpython/issues/146211 https://github.com/python/cpython/pull/146212 https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAEQWUJBCTQZEJEVTYCIKSMQPGRZ3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1502.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6p6EeZQEuYkK2CtO4ey3Ag==": { "id": "6p6EeZQEuYkK2CtO4ey3Ag==", "updater": "rhel-vex", "name": "CVE-2025-66293", "description": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management.", "issued": "2025-12-03T20:33:57Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66293 https://bugzilla.redhat.com/show_bug.cgi?id=2418711 https://www.cve.org/CVERecord?id=CVE-2025-66293 https://nvd.nist.gov/vuln/detail/CVE-2025-66293 https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1 https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a https://github.com/pnggroup/libpng/issues/764 https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66293.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7Puka2o1jq4jSr2Hekrfhg==": { "id": "7Puka2o1jq4jSr2Hekrfhg==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7lnphmrb/VojuhlikpNO5w==": { "id": "7lnphmrb/VojuhlikpNO5w==", "updater": "rhel-vex", "name": "CVE-2026-24401", "description": "A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.", "issued": "2026-01-24T01:25:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24401 https://bugzilla.redhat.com/show_bug.cgi?id=2432534 https://www.cve.org/CVERecord?id=CVE-2026-24401 https://nvd.nist.gov/vuln/detail/CVE-2026-24401 https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524 https://github.com/avahi/avahi/issues/501 https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24401.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "86unVXyTxdffdcXWZTYw5g==": { "id": "86unVXyTxdffdcXWZTYw5g==", "updater": "rhel-vex", "name": "CVE-2023-0465", "description": "A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/show_bug.cgi?id=2182561 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0465.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8D3i4K1ylUr5dGk9imV9zA==": { "id": "8D3i4K1ylUr5dGk9imV9zA==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8I2jFG8JRR+6+eqqYlXhAg==": { "id": "8I2jFG8JRR+6+eqqYlXhAg==", "updater": "rhel-vex", "name": "CVE-2018-20225", "description": "A vulnerability was found in python-pip due to a flaw in the --extra-index-url option, where it installs the version with the highest version number, even if the user intended to obtain a private package from a private index. Exploitation requires that the package does not already exist in the public index, allowing an attacker to place the package there with an arbitrary version number.", "issued": "2020-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20225 https://bugzilla.redhat.com/show_bug.cgi?id=1835736 https://www.cve.org/CVERecord?id=CVE-2018-20225 https://nvd.nist.gov/vuln/detail/CVE-2018-20225 https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20225.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8KJb4x3mXgChaQULEsid2A==": { "id": "8KJb4x3mXgChaQULEsid2A==", "updater": "rhel-vex", "name": "CVE-2025-15224", "description": "A flaw was found in libcurl. When doing SSH-based transfers using either SCP or SFTP, and asked to do\npublic key authentication, curl would wrongly still ask and authenticate using\na locally running SSH agent.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15224 https://bugzilla.redhat.com/show_bug.cgi?id=2426410 https://www.cve.org/CVERecord?id=CVE-2025-15224 https://nvd.nist.gov/vuln/detail/CVE-2025-15224 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15224.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8Sec+JvKiQWGqYCOBdZhjg==": { "id": "8Sec+JvKiQWGqYCOBdZhjg==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8TgjbHNGzIFm7/fF9DBU7Q==": { "id": "8TgjbHNGzIFm7/fF9DBU7Q==", "updater": "rhel-vex", "name": "CVE-2026-34757", "description": "A flaw was found in libpng, a library used for handling PNG (Portable Network Graphics) image files. This vulnerability arises when an application reuses a pointer, previously obtained from functions like png_get_PLTE, by passing it back to a corresponding setter function within the same image structure. This action causes the setter to access memory that has already been deallocated, leading to a use-after-free condition. A local attacker could potentially exploit this flaw to corrupt image metadata or disclose sensitive information from the application's memory.", "issued": "2026-04-09T14:41:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34757 https://bugzilla.redhat.com/show_bug.cgi?id=2456918 https://www.cve.org/CVERecord?id=CVE-2026-34757 https://nvd.nist.gov/vuln/detail/CVE-2026-34757 https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc https://github.com/pnggroup/libpng/issues/836 https://github.com/pnggroup/libpng/issues/837 https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZxbhBIT+9Mj99/XbMpLSQ==": { "id": "8ZxbhBIT+9Mj99/XbMpLSQ==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8qOJVWAut1+UqTXPOWH12g==": { "id": "8qOJVWAut1+UqTXPOWH12g==", "updater": "rhel-vex", "name": "CVE-2025-8291", "description": "A zip file handling flaw has been discovered in the python standard library `zipfile` module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations.", "issued": "2025-10-07T18:10:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8291 https://bugzilla.redhat.com/show_bug.cgi?id=2402342 https://www.cve.org/CVERecord?id=CVE-2025-8291 https://nvd.nist.gov/vuln/detail/CVE-2025-8291 https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 https://github.com/python/cpython/issues/139700 https://github.com/python/cpython/pull/139702 https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8291.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rvqTFlh9aOz4UvxQN0SBQ==": { "id": "8rvqTFlh9aOz4UvxQN0SBQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rxYDEPu2XxazQ3cBUhX0Q==": { "id": "8rxYDEPu2XxazQ3cBUhX0Q==", "updater": "rhel-vex", "name": "CVE-2019-9923", "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", "issued": "2019-01-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9923 https://bugzilla.redhat.com/show_bug.cgi?id=1691764 https://www.cve.org/CVERecord?id=CVE-2019-9923 https://nvd.nist.gov/vuln/detail/CVE-2019-9923 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9923.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "92KuvWwbPhsQNPu0knrHAQ==": { "id": "92KuvWwbPhsQNPu0knrHAQ==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "97PwDrD8knMveLXwKCvQjA==": { "id": "97PwDrD8knMveLXwKCvQjA==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9jHXNtwzqlOir/Op7pd9+w==": { "id": "9jHXNtwzqlOir/Op7pd9+w==", "updater": "rhel-vex", "name": "CVE-2025-68276", "description": "A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.", "issued": "2026-01-12T17:31:49Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68276 https://bugzilla.redhat.com/show_bug.cgi?id=2428713 https://www.cve.org/CVERecord?id=CVE-2025-68276 https://nvd.nist.gov/vuln/detail/CVE-2025-68276 https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688 https://github.com/avahi/avahi/pull/806 https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68276.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9oBjtBiHtz7+Hwc4swPaAw==": { "id": "9oBjtBiHtz7+Hwc4swPaAw==", "updater": "rhel-vex", "name": "CVE-2026-34979", "description": "A flaw was found in OpenPrinting CUPS. A remote attacker could exploit a heap-based buffer overflow by sending specially crafted job attributes when building filter option strings. This could lead to a denial of service, making the printing system unavailable.", "issued": "2026-04-03T21:16:38Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34979 https://bugzilla.redhat.com/show_bug.cgi?id=2454946 https://www.cve.org/CVERecord?id=CVE-2026-34979 https://nvd.nist.gov/vuln/detail/CVE-2026-34979 https://github.com/OpenPrinting/cups/security/advisories/GHSA-6qxf-7jx6-86fh https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34979.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9uK7ZDYgFtqP786n0QunAg==": { "id": "9uK7ZDYgFtqP786n0QunAg==", "updater": "rhel-vex", "name": "CVE-2023-39804", "description": "A flaw was found in tar. This issue occurs when extended attributes are processed in PAX archives, and could allow an attacker to cause an application crash, resulting in a denial of service.", "issued": "2023-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39804 https://bugzilla.redhat.com/show_bug.cgi?id=2254067 https://www.cve.org/CVERecord?id=CVE-2023-39804 https://nvd.nist.gov/vuln/detail/CVE-2023-39804 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39804.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9zRC9UwUH2bQs1UcHQ5UTQ==": { "id": "9zRC9UwUH2bQs1UcHQ5UTQ==", "updater": "rhel-vex", "name": "CVE-2019-9937", "description": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9937 https://bugzilla.redhat.com/show_bug.cgi?id=1692357 https://www.cve.org/CVERecord?id=CVE-2019-9937 https://nvd.nist.gov/vuln/detail/CVE-2019-9937 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9937.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "A1UDSDMkPKOSx7ma/geQyg==": { "id": "A1UDSDMkPKOSx7ma/geQyg==", "updater": "rhel-vex", "name": "CVE-2025-68468", "description": "A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi's service discovery.", "issued": "2026-01-12T17:38:10Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68468 https://bugzilla.redhat.com/show_bug.cgi?id=2428714 https://www.cve.org/CVERecord?id=CVE-2025-68468 https://nvd.nist.gov/vuln/detail/CVE-2025-68468 https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a https://github.com/avahi/avahi/issues/683 https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AE8Cp1u8I9t52OYW7oGU4w==": { "id": "AE8Cp1u8I9t52OYW7oGU4w==", "updater": "rhel-vex", "name": "CVE-2024-57970", "description": "A flaw was found in the libarchive library. A specially-crafted tar file may trigger a head-based buffer over-read condition due to incorrect handling of truncation in the middle of a long GNU linkname. This issue can cause an application crash leading to a denial of service.", "issued": "2025-02-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-57970 https://bugzilla.redhat.com/show_bug.cgi?id=2345954 https://www.cve.org/CVERecord?id=CVE-2024-57970 https://nvd.nist.gov/vuln/detail/CVE-2024-57970 https://github.com/libarchive/libarchive/issues/2415 https://github.com/libarchive/libarchive/pull/2422 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-57970.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AZQ9MHTiNLYiRU7sYZlVGw==": { "id": "AZQ9MHTiNLYiRU7sYZlVGw==", "updater": "rhel-vex", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.", "issued": "2022-07-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4899 https://bugzilla.redhat.com/show_bug.cgi?id=2179864 https://www.cve.org/CVERecord?id=CVE-2022-4899 https://nvd.nist.gov/vuln/detail/CVE-2022-4899 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4899.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "B5eXEM8SeidgdpzXoFJFGQ==": { "id": "B5eXEM8SeidgdpzXoFJFGQ==", "updater": "rhel-vex", "name": "CVE-2026-33636", "description": "A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to dereferencing pointers before the start of the row buffer and writing expanded pixel data to underflowed positions. This flaw can result in information disclosure and denial of service.", "issued": "2026-03-26T16:51:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33636 https://bugzilla.redhat.com/show_bug.cgi?id=2451819 https://www.cve.org/CVERecord?id=CVE-2026-33636 https://nvd.nist.gov/vuln/detail/CVE-2026-33636 https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869 https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3 https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33636.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BV++s35Ur4bQRS6HK0QCIA==": { "id": "BV++s35Ur4bQRS6HK0QCIA==", "updater": "rhel-vex", "name": "CVE-2026-31789", "description": "A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an attacker to execute arbitrary code. This issue is considered low severity due to the specific conditions required for exploitation, including the need for an extremely large certificate and a 32-bit operating environment.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-31789 https://bugzilla.redhat.com/show_bug.cgi?id=2451095 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31789.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Bgew407C4GMDdNe8dNeN7w==": { "id": "Bgew407C4GMDdNe8dNeN7w==", "updater": "rhel-vex", "name": "CVE-2024-52615", "description": "A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52615 https://bugzilla.redhat.com/show_bug.cgi?id=2326418 https://www.cve.org/CVERecord?id=CVE-2024-52615 https://nvd.nist.gov/vuln/detail/CVE-2024-52615 https://github.com/avahi/avahi/pull/577 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52615.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BooDzA4nzaDI1l3E5zAHgg==": { "id": "BooDzA4nzaDI1l3E5zAHgg==", "updater": "rhel-vex", "name": "CVE-2021-3997", "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "issued": "2022-01-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://www.cve.org/CVERecord?id=CVE-2021-3997 https://nvd.nist.gov/vuln/detail/CVE-2021-3997 https://www.openwall.com/lists/oss-security/2022/01/10/2 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3997.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DDWmqlxBSfXi2KJJ5mwTNg==": { "id": "DDWmqlxBSfXi2KJJ5mwTNg==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EKs36DFwHVCzU/cF0Be9pQ==": { "id": "EKs36DFwHVCzU/cF0Be9pQ==", "updater": "rhel-vex", "name": "CVE-2023-29499", "description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29499 https://bugzilla.redhat.com/show_bug.cgi?id=2211828 https://www.cve.org/CVERecord?id=CVE-2023-29499 https://nvd.nist.gov/vuln/detail/CVE-2023-29499 https://gitlab.gnome.org/GNOME/glib/-/issues/2794 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29499.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EQ4eP3gKo3y8JsWUiWr6+g==": { "id": "EQ4eP3gKo3y8JsWUiWr6+g==", "updater": "rhel-vex", "name": "CVE-2018-1000880", "description": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000880 https://bugzilla.redhat.com/show_bug.cgi?id=1663892 https://www.cve.org/CVERecord?id=CVE-2018-1000880 https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000880.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiJx6rOT8KoLX+Wu7/N6HQ==": { "id": "EiJx6rOT8KoLX+Wu7/N6HQ==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiL50P2QSOoRA18XAAH6Pg==": { "id": "EiL50P2QSOoRA18XAAH6Pg==", "updater": "rhel-vex", "name": "CVE-2023-32665", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32665 https://bugzilla.redhat.com/show_bug.cgi?id=2211827 https://www.cve.org/CVERecord?id=CVE-2023-32665 https://nvd.nist.gov/vuln/detail/CVE-2023-32665 https://gitlab.gnome.org/GNOME/glib/-/issues/2121 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32665.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ElIjMFAz33tt/XVMysRkdA==": { "id": "ElIjMFAz33tt/XVMysRkdA==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FkRDB0vpJYeh2ipqLS0/Iw==": { "id": "FkRDB0vpJYeh2ipqLS0/Iw==", "updater": "rhel-vex", "name": "CVE-2025-28164", "description": "A flaw was found in libpng. This buffer overflow vulnerability allows a local attacker to cause a denial of service (DoS) by exploiting the `png_create_read_struct()` function. This can lead to the affected system becoming unresponsive or crashing.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-28164 https://bugzilla.redhat.com/show_bug.cgi?id=2433398 https://www.cve.org/CVERecord?id=CVE-2025-28164 https://nvd.nist.gov/vuln/detail/CVE-2025-28164 https://gist.github.com/kittener/506516f8c22178005b4379c8b2a7de20 https://github.com/pnggroup/libpng/issues/655 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-28164.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Fp999hDC/lucBsNHwOlp/A==": { "id": "Fp999hDC/lucBsNHwOlp/A==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "G7IyfoPhe9f8QzIGbOfn7Q==": { "id": "G7IyfoPhe9f8QzIGbOfn7Q==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H2CablNBrQ/I5AsUjk5xyw==": { "id": "H2CablNBrQ/I5AsUjk5xyw==", "updater": "rhel-vex", "name": "CVE-2018-20839", "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.", "issued": "2019-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20839 https://bugzilla.redhat.com/show_bug.cgi?id=1716955 https://www.cve.org/CVERecord?id=CVE-2018-20839 https://nvd.nist.gov/vuln/detail/CVE-2018-20839 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20839.json", "severity": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H9Ud41wofJc/QlL6Rm7WkA==": { "id": "H9Ud41wofJc/QlL6Rm7WkA==", "updater": "rhel-vex", "name": "CVE-2026-0968", "description": "A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.", "issued": "2026-02-10T18:46:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0968 https://bugzilla.redhat.com/show_bug.cgi?id=2436982 https://www.cve.org/CVERecord?id=CVE-2026-0968 https://nvd.nist.gov/vuln/detail/CVE-2026-0968 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0968.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HB9r/GLycEmk6aXttwtBlw==": { "id": "HB9r/GLycEmk6aXttwtBlw==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HKrLnQyTw1292mNt3MQ0aQ==": { "id": "HKrLnQyTw1292mNt3MQ0aQ==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HNpGGr9eP5twQKC3yCh1mA==": { "id": "HNpGGr9eP5twQKC3yCh1mA==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HTk+AAyRWNCrZTtBLx34Aw==": { "id": "HTk+AAyRWNCrZTtBLx34Aw==", "updater": "rhel-vex", "name": "CVE-2024-25260", "description": "A NULL pointer dereference vulnerability in the elfutils library has been discovered. This vulnerability occurs within the handle_verdef() function in the readelf.c source file. A NULL pointer dereference typically happens when a program attempts to access memory using a pointer that is not pointing anywhere (i.e., it's NULL), leading to a crash or potentially exploitable behavior.", "issued": "2024-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25260 https://bugzilla.redhat.com/show_bug.cgi?id=2265194 https://www.cve.org/CVERecord?id=CVE-2024-25260 https://nvd.nist.gov/vuln/detail/CVE-2024-25260 https://github.com/schsiung/fuzzer_issues/issues/1 https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/elfutils/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25260.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "elfutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HdAyLUATPStr/HXiy9fgQw==": { "id": "HdAyLUATPStr/HXiy9fgQw==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuLJLN6ajygY/CpLyzV5lw==": { "id": "HuLJLN6ajygY/CpLyzV5lw==", "updater": "rhel-vex", "name": "CVE-2023-45803", "description": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.", "issued": "2023-10-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45803 https://bugzilla.redhat.com/show_bug.cgi?id=2246840 https://www.cve.org/CVERecord?id=CVE-2023-45803 https://nvd.nist.gov/vuln/detail/CVE-2023-45803 https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 https://www.rfc-editor.org/rfc/rfc9110.html#name-get https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45803.json", "severity": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuOxI+pWjgGV0XsBvltzlg==": { "id": "HuOxI+pWjgGV0XsBvltzlg==", "updater": "rhel-vex", "name": "CVE-2020-19187", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19187 https://bugzilla.redhat.com/show_bug.cgi?id=2234911 https://www.cve.org/CVERecord?id=CVE-2020-19187 https://nvd.nist.gov/vuln/detail/CVE-2020-19187 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19187.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "I31WPu2ZGWOsqloSJfE2Fg==": { "id": "I31WPu2ZGWOsqloSJfE2Fg==", "updater": "rhel-vex", "name": "CVE-2026-25646", "description": "A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification.", "issued": "2026-02-10T17:04:38Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25646 https://bugzilla.redhat.com/show_bug.cgi?id=2438542 https://www.cve.org/CVERecord?id=CVE-2026-25646 https://nvd.nist.gov/vuln/detail/CVE-2026-25646 http://www.openwall.com/lists/oss-security/2026/02/09/7 https://github.com/pnggroup/libpng/commit/01d03b8453eb30ade759cd45c707e5a1c7277d88 https://github.com/pnggroup/libpng/security/advisories/GHSA-g8hp-mq4h-rqm3 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25646.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IItHEdPWz5fl9O7ZhzjDAA==": { "id": "IItHEdPWz5fl9O7ZhzjDAA==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "K3eafQ/8P8PEZ3BPWZfCgg==": { "id": "K3eafQ/8P8PEZ3BPWZfCgg==", "updater": "rhel-vex", "name": "CVE-2026-27447", "description": "A flaw was found in OpenPrinting CUPS. This authorization bypass vulnerability allows an unprivileged user to gain unauthorized access to restricted operations. This can be exploited by using a username that differs only in case from an authorized user during authorization checks.", "issued": "2026-04-03T21:11:59Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27447 https://bugzilla.redhat.com/show_bug.cgi?id=2454949 https://www.cve.org/CVERecord?id=CVE-2026-27447 https://nvd.nist.gov/vuln/detail/CVE-2026-27447 https://github.com/OpenPrinting/cups/commit/88516bf6d9e34cef7a64a704b856b837f70cd220 https://github.com/OpenPrinting/cups/security/advisories/GHSA-v987-m8hp-phj9 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27447.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KCgCqCavM9U0xL+GHJqzSg==": { "id": "KCgCqCavM9U0xL+GHJqzSg==", "updater": "rhel-vex", "name": "CVE-2026-0964", "description": "A malicious SCP server can send unexpected paths that could make the\nclient application override local files outside of working directory.\nThis could be misused to create malicious executable or configuration\nfiles and make the user execute them under specific consequences.\n\nThis is the same issue as in OpenSSH, tracked as CVE-2019-6111.", "issued": "2026-02-10T18:44:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0964 https://bugzilla.redhat.com/show_bug.cgi?id=2436979 https://www.cve.org/CVERecord?id=CVE-2026-0964 https://nvd.nist.gov/vuln/detail/CVE-2026-0964 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0964.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KExChYIaW0MvXNLWbjS/Hw==": { "id": "KExChYIaW0MvXNLWbjS/Hw==", "updater": "rhel-vex", "name": "CVE-2026-41080", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing a specially crafted XML document that leverages insufficient entropy in the hash function. This can lead to hash flooding, a type of Denial of Service (DoS) attack, where the system becomes unresponsive or crashes due to excessive resource consumption.", "issued": "2026-04-16T16:52:01Z", "links": "https://access.redhat.com/security/cve/CVE-2026-41080 https://bugzilla.redhat.com/show_bug.cgi?id=2458967 https://www.cve.org/CVERecord?id=CVE-2026-41080 https://nvd.nist.gov/vuln/detail/CVE-2026-41080 https://github.com/libexpat/libexpat/issues/47 https://github.com/libexpat/libexpat/pull/1183 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41080.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KaROgE0QmtiOixMG9Wi1RA==": { "id": "KaROgE0QmtiOixMG9Wi1RA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L3k0cIIlkMGQFiWnZm8Mlg==": { "id": "L3k0cIIlkMGQFiWnZm8Mlg==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L7QbkTbsy8v3tMfOqNsVKQ==": { "id": "L7QbkTbsy8v3tMfOqNsVKQ==", "updater": "rhel-vex", "name": "CVE-2024-7531", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\n\nCalling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on Intel Sandy Bridge and later processors. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.", "issued": "2024-08-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7531 https://bugzilla.redhat.com/show_bug.cgi?id=2303148 https://www.cve.org/CVERecord?id=CVE-2024-7531 https://nvd.nist.gov/vuln/detail/CVE-2024-7531 https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7531.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LWLSX4FCLbzYWK97i5Or+A==": { "id": "LWLSX4FCLbzYWK97i5Or+A==", "updater": "rhel-vex", "name": "CVE-2026-28389", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence, leading to a NULL pointer dereference. This can result in a Denial of Service (DoS) for applications that handle untrusted CMS data.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28389 https://bugzilla.redhat.com/show_bug.cgi?id=2451096 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28389.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Lt2Hg7sVYgz0GD7ldFmjjA==": { "id": "Lt2Hg7sVYgz0GD7ldFmjjA==", "updater": "rhel-vex", "name": "CVE-2026-32777", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition (DTD) content. This could lead to an infinite loop during parsing, resulting in a Denial of Service (DoS) for the application using libexpat.", "issued": "2026-03-16T06:58:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32777 https://bugzilla.redhat.com/show_bug.cgi?id=2447890 https://www.cve.org/CVERecord?id=CVE-2026-32777 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32777.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MRnBR1NwPejsF0F/Po53Ew==": { "id": "MRnBR1NwPejsF0F/Po53Ew==", "updater": "rhel-vex", "name": "CVE-2019-8905", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.", "issued": "2019-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8905 https://bugzilla.redhat.com/show_bug.cgi?id=1679181 https://www.cve.org/CVERecord?id=CVE-2019-8905 https://nvd.nist.gov/vuln/detail/CVE-2019-8905 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8905.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MW3KGjkk7BWuR5JCc6cywg==": { "id": "MW3KGjkk7BWuR5JCc6cywg==", "updater": "rhel-vex", "name": "CVE-2024-52616", "description": "A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52616 https://bugzilla.redhat.com/show_bug.cgi?id=2326429 https://www.cve.org/CVERecord?id=CVE-2024-52616 https://nvd.nist.gov/vuln/detail/CVE-2024-52616 https://github.com/avahi/avahi/pull/577 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52616.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O6eQrDqYe8zCvECWFMIzFQ==": { "id": "O6eQrDqYe8zCvECWFMIzFQ==", "updater": "rhel-vex", "name": "CVE-2019-8906", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.", "issued": "2019-01-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8906 https://bugzilla.redhat.com/show_bug.cgi?id=1679175 https://www.cve.org/CVERecord?id=CVE-2019-8906 https://nvd.nist.gov/vuln/detail/CVE-2019-8906 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8906.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O8fIVXqcGshIonMWsEH9gA==": { "id": "O8fIVXqcGshIonMWsEH9gA==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OFdQC3/0S5rItoyqpACTFw==": { "id": "OFdQC3/0S5rItoyqpACTFw==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OLKvdPVgT9/lPcflJTxE3Q==": { "id": "OLKvdPVgT9/lPcflJTxE3Q==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OPNDKUsVLJt2v1gO1zvkBA==": { "id": "OPNDKUsVLJt2v1gO1zvkBA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OTZM0RD60ajdSeEqWGkkTw==": { "id": "OTZM0RD60ajdSeEqWGkkTw==", "updater": "rhel-vex", "name": "CVE-2026-26740", "description": "A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of service (DoS) on the system.", "issued": "2026-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-26740 https://bugzilla.redhat.com/show_bug.cgi?id=2448747 https://www.cve.org/CVERecord?id=CVE-2026-26740 https://nvd.nist.gov/vuln/detail/CVE-2026-26740 https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26740.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OgFGrvrnAoXXvapnatTrxQ==": { "id": "OgFGrvrnAoXXvapnatTrxQ==", "updater": "rhel-vex", "name": "CVE-2026-0965", "description": "A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.", "issued": "2026-02-10T18:47:22Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0965 https://bugzilla.redhat.com/show_bug.cgi?id=2436980 https://www.cve.org/CVERecord?id=CVE-2026-0965 https://nvd.nist.gov/vuln/detail/CVE-2026-0965 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0965.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Oi3Y6I7JDcoQrQyH+jMXWw==": { "id": "Oi3Y6I7JDcoQrQyH+jMXWw==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OpUahpCA4oBceG962KxTMA==": { "id": "OpUahpCA4oBceG962KxTMA==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PcNbuWOo0ahqjfbOQhXvvQ==": { "id": "PcNbuWOo0ahqjfbOQhXvvQ==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Pe4IHqZpuBtuSkrgd2HMEg==": { "id": "Pe4IHqZpuBtuSkrgd2HMEg==", "updater": "rhel-vex", "name": "CVE-2025-13034", "description": "A flaw was found in curl. When configured to use public key pinning with QUIC connections and GnuTLS, and with standard certificate verification explicitly disabled, curl could bypass the intended public key check. This oversight allows a malicious server to impersonate a legitimate one, potentially leading to unauthorized access or information disclosure due to a failure in verifying the server's identity.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13034 https://bugzilla.redhat.com/show_bug.cgi?id=2426406 https://www.cve.org/CVERecord?id=CVE-2025-13034 https://nvd.nist.gov/vuln/detail/CVE-2025-13034 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13034.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q5xJp4zJ1MCYcYbDi9qrdQ==": { "id": "Q5xJp4zJ1MCYcYbDi9qrdQ==", "updater": "rhel-vex", "name": "CVE-2026-25068", "description": "alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash.", "issued": "2026-01-29T19:08:03Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25068 https://bugzilla.redhat.com/show_bug.cgi?id=2435372 https://www.cve.org/CVERecord?id=CVE-2026-25068 https://nvd.nist.gov/vuln/detail/CVE-2026-25068 https://github.com/alsa-project/alsa-lib/commit/5f7fe33002d2d98d84f72e381ec2cccc0d5d3d40 https://www.vulncheck.com/advisories/alsa-lib-topology-decoder-heap-based-buffer-overflow https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25068.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "alsa-lib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QSNBg/XspHcBwSxBTMU4rg==": { "id": "QSNBg/XspHcBwSxBTMU4rg==", "updater": "rhel-vex", "name": "CVE-2025-50181", "description": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.", "issued": "2025-06-19T01:08:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50181 https://bugzilla.redhat.com/show_bug.cgi?id=2373799 https://www.cve.org/CVERecord?id=CVE-2025-50181 https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50181.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QUtTYJuHdkAOgtveagWUfA==": { "id": "QUtTYJuHdkAOgtveagWUfA==", "updater": "rhel-vex", "name": "CVE-2023-0466", "description": "A flaw was found in OpenSSL. The X509_VERIFY_PARAM_add0_policy() function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass the certificate verification. Suddenly enabling the policy check could break existing deployments, so it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. The applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0466 https://bugzilla.redhat.com/show_bug.cgi?id=2182565 https://www.cve.org/CVERecord?id=CVE-2023-0466 https://nvd.nist.gov/vuln/detail/CVE-2023-0466 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0466.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QcOTYeOedG0AUhPSakMpIA==": { "id": "QcOTYeOedG0AUhPSakMpIA==", "updater": "rhel-vex", "name": "CVE-2024-4741", "description": "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", "issued": "2024-05-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4741 https://bugzilla.redhat.com/show_bug.cgi?id=2283757 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4741.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RVCidRUm4D1IKoPhoUi2AA==": { "id": "RVCidRUm4D1IKoPhoUi2AA==", "updater": "rhel-vex", "name": "CVE-2019-9674", "description": "A ZIP bomb attack was found in the Python zipfile module. A remote attacker could abuse this flaw by providing a specially crafted ZIP file that, when decompressed by zipfile, would exhaust system resources resulting in a denial of service.", "issued": "2019-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9674 https://bugzilla.redhat.com/show_bug.cgi?id=1800749 https://www.cve.org/CVERecord?id=CVE-2019-9674 https://nvd.nist.gov/vuln/detail/CVE-2019-9674 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9674.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RXjd5U95osIGXnqCa34Jkg==": { "id": "RXjd5U95osIGXnqCa34Jkg==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://gitlab.gnome.org/GNOME/libxml2/-/issues/998 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RYqFgDYIttLgJc8B82sK/w==": { "id": "RYqFgDYIttLgJc8B82sK/w==", "updater": "rhel-vex", "name": "CVE-2025-66382", "description": "A flaw was found in libexpat. This vulnerability allows a denial of service (DoS) by processing a crafted file with an approximate size of 2 MiB, leading to dozens of seconds of processing time.", "issued": "2025-11-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66382 https://bugzilla.redhat.com/show_bug.cgi?id=2417661 https://www.cve.org/CVERecord?id=CVE-2025-66382 https://nvd.nist.gov/vuln/detail/CVE-2025-66382 https://github.com/libexpat/libexpat/issues/1076 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66382.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RdjNn4dAdZKcn6VS95a/SQ==": { "id": "RdjNn4dAdZKcn6VS95a/SQ==", "updater": "rhel-vex", "name": "CVE-2026-39314", "description": "A flaw was found in CUPS, an open-source printing system. An unprivileged local user can exploit an integer underflow vulnerability by providing a negative job-password-supported Internet Printing Protocol (IPP) attribute. This manipulation causes the cupsd root process to crash, which can be repeatedly triggered to achieve a sustained Denial of Service (DoS) on the system.", "issued": "2026-04-07T16:59:23Z", "links": "https://access.redhat.com/security/cve/CVE-2026-39314 https://bugzilla.redhat.com/show_bug.cgi?id=2456107 https://www.cve.org/CVERecord?id=CVE-2026-39314 https://nvd.nist.gov/vuln/detail/CVE-2026-39314 https://github.com/OpenPrinting/cups/security/advisories/GHSA-pp8w-2g52-7vj7 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39314.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Rfm1tD+QxSP/TVjKFDNabg==": { "id": "Rfm1tD+QxSP/TVjKFDNabg==", "updater": "rhel-vex", "name": "CVE-2026-0967", "description": "A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.", "issued": "2026-02-10T18:47:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0967 https://bugzilla.redhat.com/show_bug.cgi?id=2436981 https://www.cve.org/CVERecord?id=CVE-2026-0967 https://nvd.nist.gov/vuln/detail/CVE-2026-0967 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0967.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Rw8DyDlyRHRJOeZaAbGMRA==": { "id": "Rw8DyDlyRHRJOeZaAbGMRA==", "updater": "rhel-vex", "name": "CVE-2025-59529", "description": "A flaw was found in avahi. The simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local Denial of Service.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-59529 https://bugzilla.redhat.com/show_bug.cgi?id=2405338 https://www.cve.org/CVERecord?id=CVE-2025-59529 https://nvd.nist.gov/vuln/detail/CVE-2025-59529 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-59529.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S7qx7a03HASsJhyQafvXjg==": { "id": "S7qx7a03HASsJhyQafvXjg==", "updater": "rhel-vex", "name": "CVE-2018-19211", "description": "In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a \"dubious character `*' in name or alias field\" detection.", "issued": "2018-10-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-19211 https://bugzilla.redhat.com/show_bug.cgi?id=1652600 https://www.cve.org/CVERecord?id=CVE-2018-19211 https://nvd.nist.gov/vuln/detail/CVE-2018-19211 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-19211.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SHxE0qXbBmDEp/LL1ieJeA==": { "id": "SHxE0qXbBmDEp/LL1ieJeA==", "updater": "rhel-vex", "name": "CVE-2020-19189", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19189 https://bugzilla.redhat.com/show_bug.cgi?id=2234926 https://www.cve.org/CVERecord?id=CVE-2020-19189 https://nvd.nist.gov/vuln/detail/CVE-2020-19189 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19189.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SixpK4TZp5ARiPVlZlGpew==": { "id": "SixpK4TZp5ARiPVlZlGpew==", "updater": "rhel-vex", "name": "CVE-2026-4878", "description": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.", "issued": "2026-04-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2451615 https://www.cve.org/CVERecord?id=CVE-2026-4878 https://nvd.nist.gov/vuln/detail/CVE-2026-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2447554 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libcap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TLOrmSYL76Du+GI4WD9gMQ==": { "id": "TLOrmSYL76Du+GI4WD9gMQ==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Te9j1HGn7feNCE/Fduu0+A==": { "id": "Te9j1HGn7feNCE/Fduu0+A==", "updater": "rhel-vex", "name": "CVE-2025-64505", "description": "A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access.", "issued": "2025-11-24T23:38:40Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64505 https://bugzilla.redhat.com/show_bug.cgi?id=2416905 https://www.cve.org/CVERecord?id=CVE-2025-64505 https://nvd.nist.gov/vuln/detail/CVE-2025-64505 https://github.com/pnggroup/libpng/commit/6a528eb5fd0dd7f6de1c39d30de0e41473431c37 https://github.com/pnggroup/libpng/pull/748 https://github.com/pnggroup/libpng/security/advisories/GHSA-4952-h5wq-4m42 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64505.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TuBnhFrkwMqIcYtYYgNGNQ==": { "id": "TuBnhFrkwMqIcYtYYgNGNQ==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UMD4nV1Ky5C5eKUMgtnKzw==": { "id": "UMD4nV1Ky5C5eKUMgtnKzw==", "updater": "rhel-vex", "name": "CVE-2021-20193", "description": "A flaw was found in the src/list.c of tar. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", "issued": "2021-01-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-20193 https://bugzilla.redhat.com/show_bug.cgi?id=1917565 https://www.cve.org/CVERecord?id=CVE-2021-20193 https://nvd.nist.gov/vuln/detail/CVE-2021-20193 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-20193.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UPzTyNn8ZLXlb+bwRFPPTA==": { "id": "UPzTyNn8ZLXlb+bwRFPPTA==", "updater": "rhel-vex", "name": "CVE-2023-2650", "description": "A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when processing messages, which may lead to a denial of service.", "issued": "2023-05-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/show_bug.cgi?id=2207947 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://www.openssl.org/news/secadv/20230530.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2650.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UbmdE2pHXRFccv8l1e02Jw==": { "id": "UbmdE2pHXRFccv8l1e02Jw==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UgHucRu0hN47CoyxGAMXTQ==": { "id": "UgHucRu0hN47CoyxGAMXTQ==", "updater": "rhel-vex", "name": "CVE-2026-28386", "description": "A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequent page is unmapped. This can lead to an out-of-bounds read of up to 15 bytes and a potential application crash.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28386 https://bugzilla.redhat.com/show_bug.cgi?id=2451099 https://www.cve.org/CVERecord?id=CVE-2026-28386 https://nvd.nist.gov/vuln/detail/CVE-2026-28386 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28386.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UoEFDYM+Gqf2mdRJh5HUFw==": { "id": "UoEFDYM+Gqf2mdRJh5HUFw==", "updater": "rhel-vex", "name": "CVE-2025-45582", "description": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ (‘-k’), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.", "issued": "2025-07-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-45582 https://bugzilla.redhat.com/show_bug.cgi?id=2379592 https://www.cve.org/CVERecord?id=CVE-2025-45582 https://nvd.nist.gov/vuln/detail/CVE-2025-45582 https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md https://www.gnu.org/software/tar/ https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-45582.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UyCjBcpeB0nhkRTVhUcAJQ==": { "id": "UyCjBcpeB0nhkRTVhUcAJQ==", "updater": "rhel-vex", "name": "CVE-2026-39316", "description": "A flaw was found in CUPS, an open-source printing system. This vulnerability, known as a use-after-free, occurs in the CUPS scheduler when temporary printers are automatically removed. The system fails to properly manage memory, leaving a pointer to a freed memory location. An attacker could exploit this to cause the CUPS daemon to crash, leading to a denial of service. In more severe scenarios, this could potentially allow an attacker to execute arbitrary code.", "issued": "2026-04-07T17:00:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-39316 https://bugzilla.redhat.com/show_bug.cgi?id=2456120 https://www.cve.org/CVERecord?id=CVE-2026-39316 https://nvd.nist.gov/vuln/detail/CVE-2026-39316 https://github.com/OpenPrinting/cups/security/advisories/GHSA-pjv5-prqp-46rg https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39316.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VLzwKVDYC7fQrtcpCzjXjA==": { "id": "VLzwKVDYC7fQrtcpCzjXjA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VPoF+qCqaQ4y2sVl2255/g==": { "id": "VPoF+qCqaQ4y2sVl2255/g==", "updater": "rhel-vex", "name": "CVE-2026-33416", "description": "A flaw was found in libpng, a library used for processing PNG (Portable Network Graphics) image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can still be referenced, leading to a use-after-free condition. An attacker could potentially exploit this to achieve arbitrary code execution or cause a denial of service.", "issued": "2026-03-26T16:48:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33416 https://bugzilla.redhat.com/show_bug.cgi?id=2451805 https://www.cve.org/CVERecord?id=CVE-2026-33416 https://nvd.nist.gov/vuln/detail/CVE-2026-33416 https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667 https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25 https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1 https://github.com/pnggroup/libpng/pull/824 https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33416.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VsocCwaFpF6PzdX5PxR+sQ==": { "id": "VsocCwaFpF6PzdX5PxR+sQ==", "updater": "rhel-vex", "name": "CVE-2020-19185", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, causing denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19185 https://bugzilla.redhat.com/show_bug.cgi?id=2234924 https://www.cve.org/CVERecord?id=CVE-2020-19185 https://nvd.nist.gov/vuln/detail/CVE-2020-19185 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19185.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/DMqBRMDYVkVH3D67luGg==": { "id": "W/DMqBRMDYVkVH3D67luGg==", "updater": "rhel-vex", "name": "CVE-2025-64118", "description": "A flaw was found in node-tar, a Tar utility for Node.js. This vulnerability allows a local attacker to potentially disclose sensitive information. When the .t (or .list) function is used with { sync: true } to read tar entry contents, and the tar file is concurrently modified on disk to a smaller size, the function may return uninitialized memory contents. This could lead to the exposure of arbitrary data.", "issued": "2025-10-30T17:50:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64118 https://bugzilla.redhat.com/show_bug.cgi?id=2407440 https://www.cve.org/CVERecord?id=CVE-2025-64118 https://nvd.nist.gov/vuln/detail/CVE-2025-64118 https://github.com/isaacs/node-tar/commit/5330eb04bc43014f216e5c271b40d5c00d45224d https://github.com/isaacs/node-tar/issues/445 https://github.com/isaacs/node-tar/pull/446 https://github.com/isaacs/node-tar/security/advisories/GHSA-29xp-372q-xqph https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64118.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/d4trZ7jb2yxjrq4cNOWA==": { "id": "W/d4trZ7jb2yxjrq4cNOWA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WGvgNwrW2u5APZcidQ6v1Q==": { "id": "WGvgNwrW2u5APZcidQ6v1Q==", "updater": "rhel-vex", "name": "CVE-2026-27456", "description": "A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the `mount` program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use (TOCTOU) window where an attacker can substitute the intended file with a malicious symbolic link. This allows a local unprivileged user to mount any root-owned file or block device that contains a valid filesystem, gaining full read access to its contents.", "issued": "2026-04-03T21:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2454956 https://www.cve.org/CVERecord?id=CVE-2026-27456 https://nvd.nist.gov/vuln/detail/CVE-2026-27456 https://github.com/util-linux/util-linux/commit/5e390467b26a3cf3fecc04e1a0d482dff3162fc4 https://github.com/util-linux/util-linux/releases/tag/v2.41.4 https://github.com/util-linux/util-linux/security/advisories/GHSA-qq4x-vfq4-9h9g https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27456.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "util-linux", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WcChSpNAL6V9Xfxc9AqW7g==": { "id": "WcChSpNAL6V9Xfxc9AqW7g==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X37PWFfcTFBuBxL2613UQg==": { "id": "X37PWFfcTFBuBxL2613UQg==", "updater": "rhel-vex", "name": "CVE-2026-4786", "description": "A flaw was found in the Python webbrowser.open() API. If a specially crafted URL containing \"%action\" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution.", "issued": "2026-04-13T21:52:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4786 https://bugzilla.redhat.com/show_bug.cgi?id=2458049 https://www.cve.org/CVERecord?id=CVE-2026-4786 https://nvd.nist.gov/vuln/detail/CVE-2026-4786 https://github.com/python/cpython/issues/148169 https://github.com/python/cpython/pull/148170 https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4786.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XBiy/XVR6SoThCkYUmkD1g==": { "id": "XBiy/XVR6SoThCkYUmkD1g==", "updater": "rhel-vex", "name": "CVE-2026-33056", "description": "A flaw was found in tar-rs, a Rust library for reading and writing tar archives. When unpacking a crafted tar archive, an attacker can exploit a symbolic link vulnerability. By including a symlink followed by a directory with the same name, the library incorrectly applies file permissions to the symlink's target. This allows an attacker to modify the permissions of arbitrary directories outside the intended extraction location.", "issued": "2026-03-20T07:11:10Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33056 https://bugzilla.redhat.com/show_bug.cgi?id=2449490 https://www.cve.org/CVERecord?id=CVE-2026-33056 https://nvd.nist.gov/vuln/detail/CVE-2026-33056 https://github.com/alexcrichton/tar-rs/commit/17b1fd84e632071cb8eef9d3709bf347bd266446 https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-j4xf-2g29-59ph https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33056.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XXiaw1EwhFkuilI94EKiqQ==": { "id": "XXiaw1EwhFkuilI94EKiqQ==", "updater": "rhel-vex", "name": "CVE-2026-5713", "description": "A flaw was found in Python. A malicious Python process could exploit the \"profiling.sampling\" module and \"asyncio introspection capabilities\" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via its remote debugging feature, potentially leading to information disclosure and arbitrary code execution. Successful exploitation requires repeated connections, which may cause instability in the connecting process.", "issued": "2026-04-14T15:11:51Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5713 https://bugzilla.redhat.com/show_bug.cgi?id=2458239 https://www.cve.org/CVERecord?id=CVE-2026-5713 https://nvd.nist.gov/vuln/detail/CVE-2026-5713 https://github.com/python/cpython/issues/148178 https://github.com/python/cpython/pull/148187 https://mail.python.org/archives/list/security-announce@python.org/thread/OG4RHARYSNIE22GGOMVMCRH76L5HKPLM/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5713.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XbpXfbeApuDuIKvY0/qWiA==": { "id": "XbpXfbeApuDuIKvY0/qWiA==", "updater": "rhel-vex", "name": "CVE-2026-3731", "description": "A flaw was found in libssh. A remote attacker could trigger an out-of-bounds read vulnerability in the SFTP Extension Name Handler by manipulating the `idx` argument in the `sftp_extensions_get_name` or `sftp_extensions_get_data` functions. This could lead to a Denial of Service (DoS), making the affected system unresponsive.", "issued": "2026-03-08T10:32:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3731 https://bugzilla.redhat.com/show_bug.cgi?id=2445579 https://www.cve.org/CVERecord?id=CVE-2026-3731 https://nvd.nist.gov/vuln/detail/CVE-2026-3731 https://gitlab.com/libssh/libssh-mirror/-/commit/855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60 https://vuldb.com/?ctiid.349709 https://vuldb.com/?id.349709 https://vuldb.com/?submit.767120 https://www.libssh.org/files/0.12/libssh-0.12.0.tar.xz https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3731.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XygysGe2kdlyCRQHM1fu3w==": { "id": "XygysGe2kdlyCRQHM1fu3w==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YiJlkUTKf0/7+ORZMmQ2cw==": { "id": "YiJlkUTKf0/7+ORZMmQ2cw==", "updater": "rhel-vex", "name": "CVE-2025-25724", "description": "A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "issued": "2025-03-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-25724 https://bugzilla.redhat.com/show_bug.cgi?id=2349221 https://www.cve.org/CVERecord?id=CVE-2025-25724 https://nvd.nist.gov/vuln/detail/CVE-2025-25724 https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 https://github.com/Ekkosun/pocs/blob/main/bsdtarbug https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-25724.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YoCxZvEp16Bt9LDv+Ficeg==": { "id": "YoCxZvEp16Bt9LDv+Ficeg==", "updater": "rhel-vex", "name": "CVE-2025-64506", "description": "A buffer over read flaw has been discovered in libpng. A heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries.", "issued": "2025-11-24T23:41:09Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64506 https://bugzilla.redhat.com/show_bug.cgi?id=2416906 https://www.cve.org/CVERecord?id=CVE-2025-64506 https://nvd.nist.gov/vuln/detail/CVE-2025-64506 https://github.com/pnggroup/libpng/commit/2bd84c019c300b78e811743fbcddb67c9d9bf821 https://github.com/pnggroup/libpng/pull/749 https://github.com/pnggroup/libpng/security/advisories/GHSA-qpr4-xm66-hww6 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64506.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZTGiJlkqcqrCLJSY/Sq8lA==": { "id": "ZTGiJlkqcqrCLJSY/Sq8lA==", "updater": "rhel-vex", "name": "CVE-2020-19186", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a buffer over-read, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19186 https://bugzilla.redhat.com/show_bug.cgi?id=2234908 https://www.cve.org/CVERecord?id=CVE-2020-19186 https://nvd.nist.gov/vuln/detail/CVE-2020-19186 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19186.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZkEez7f24VNVhTaTCDhuEg==": { "id": "ZkEez7f24VNVhTaTCDhuEg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZlxfTVb/4bi6yWQ+JLaOnw==": { "id": "ZlxfTVb/4bi6yWQ+JLaOnw==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Znm2hdK/FULQhTTGTVX59Q==": { "id": "Znm2hdK/FULQhTTGTVX59Q==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Zp9+pixFuNBueE2yO610gQ==": { "id": "Zp9+pixFuNBueE2yO610gQ==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZvX4VR3jvMBd1Wq+RxNTgg==": { "id": "ZvX4VR3jvMBd1Wq+RxNTgg==", "updater": "rhel-vex", "name": "CVE-2020-35512", "description": "A use-after-free flaw was found in D-Bus when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors.", "issued": "2020-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35512 https://bugzilla.redhat.com/show_bug.cgi?id=1909101 https://www.cve.org/CVERecord?id=CVE-2020-35512 https://nvd.nist.gov/vuln/detail/CVE-2020-35512 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35512.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "dbus", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a067YUjLHWzR99JNl/RtGQ==": { "id": "a067YUjLHWzR99JNl/RtGQ==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "avzu5SRbIjcduH4QdmZ1gg==": { "id": "avzu5SRbIjcduH4QdmZ1gg==", "updater": "rhel-vex", "name": "CVE-2026-0966", "description": "The API function `ssh_get_hexa()` is vulnerable, when 0-lenght\ninput is provided to this function. This function is used internally\nin `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated),\nwhich is vulnerable to the same input (length is provided by the\ncalling application).\n\nThe function is also used internally in the gssapi code for logging\nthe OIDs received by the server during GSSAPI authentication. This\ncould be triggered remotely, when the server allows GSSAPI authentication\nand logging verbosity is set at least to SSH_LOG_PACKET (3). This\ncould cause self-DoS of the per-connection daemon process.", "issued": "2026-02-10T18:47:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0966 https://bugzilla.redhat.com/show_bug.cgi?id=2433121 https://www.cve.org/CVERecord?id=CVE-2026-0966 https://nvd.nist.gov/vuln/detail/CVE-2026-0966 https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0966.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cCowLuOsLfTMmPFOoqUVww==": { "id": "cCowLuOsLfTMmPFOoqUVww==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cW+DgNrGAeRAwNB4wrDZhw==": { "id": "cW+DgNrGAeRAwNB4wrDZhw==", "updater": "rhel-vex", "name": "CVE-2026-22695", "description": "A flaw was found in libpng, a reference library for processing PNG (Portable Network Graphics) image files. A local attacker could exploit a heap buffer over-read vulnerability in the `png_image_finish_read` function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with an 8-bit output format and non-minimal row stride. This could lead to a denial of service (DoS) and potentially information disclosure.", "issued": "2026-01-12T22:55:40Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22695 https://bugzilla.redhat.com/show_bug.cgi?id=2428825 https://www.cve.org/CVERecord?id=CVE-2026-22695 https://nvd.nist.gov/vuln/detail/CVE-2026-22695 https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea https://github.com/pnggroup/libpng/commit/e4f7ad4ea2 https://github.com/pnggroup/libpng/issues/778 https://github.com/pnggroup/libpng/security/advisories/GHSA-mmq5-27w3-rxpp https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22695.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cqYWiTibDLM7aibErMKang==": { "id": "cqYWiTibDLM7aibErMKang==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "crmilTSJ/pTSPBKY9EJmZg==": { "id": "crmilTSJ/pTSPBKY9EJmZg==", "updater": "rhel-vex", "name": "CVE-2025-14524", "description": "A flaw was found in curl. When an OAuth2 (Open Authorization) bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a different scheme like IMAP, LDAP, POP3, or SMTP, curl might incorrectly pass the bearer token to the new target host. This could lead to information disclosure, where sensitive authentication tokens are exposed to unintended recipients.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14524 https://bugzilla.redhat.com/show_bug.cgi?id=2426407 https://www.cve.org/CVERecord?id=CVE-2025-14524 https://nvd.nist.gov/vuln/detail/CVE-2025-14524 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14524.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eCNdMtt9JN2Rrb8I23NIsA==": { "id": "eCNdMtt9JN2Rrb8I23NIsA==", "updater": "rhel-vex", "name": "CVE-2026-34990", "description": "A flaw was found in OpenPrinting CUPS. A local unprivileged user can exploit this vulnerability by coercing the `cupsd` service to authenticate to an attacker-controlled Internet Printing Protocol (IPP) service. This allows the user to create a persistent printer queue that can overwrite arbitrary files with root privileges. Successful exploitation can lead to privilege escalation and arbitrary root command execution.", "issued": "2026-04-03T21:14:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34990 https://bugzilla.redhat.com/show_bug.cgi?id=2454947 https://www.cve.org/CVERecord?id=CVE-2026-34990 https://nvd.nist.gov/vuln/detail/CVE-2026-34990 https://github.com/OpenPrinting/cups/security/advisories/GHSA-c54j-2vqw-wpwp https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34990.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eohUFw28jV3sGLZE2CBPXA==": { "id": "eohUFw28jV3sGLZE2CBPXA==", "updater": "rhel-vex", "name": "CVE-2025-4878", "description": "A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2376184 https://www.cve.org/CVERecord?id=CVE-2025-4878 https://nvd.nist.gov/vuln/detail/CVE-2025-4878 https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1 https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eqoqeJN8gMUINJLH2PXP7g==": { "id": "eqoqeJN8gMUINJLH2PXP7g==", "updater": "rhel-vex", "name": "CVE-2018-1000654", "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "issued": "2018-08-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000654 https://bugzilla.redhat.com/show_bug.cgi?id=1621972 https://www.cve.org/CVERecord?id=CVE-2018-1000654 https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000654.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fXpWtuXNPi3tb2edhk37bw==": { "id": "fXpWtuXNPi3tb2edhk37bw==", "updater": "rhel-vex", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "2024-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://www.cve.org/CVERecord?id=CVE-2024-2236 https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2236.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fayrPya6DVXP9weWvA6obQ==": { "id": "fayrPya6DVXP9weWvA6obQ==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fvGjL9hw9hDQockMTb7lrA==": { "id": "fvGjL9hw9hDQockMTb7lrA==", "updater": "rhel-vex", "name": "CVE-2021-4209", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", "issued": "2021-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4209 https://bugzilla.redhat.com/show_bug.cgi?id=2044156 https://www.cve.org/CVERecord?id=CVE-2021-4209 https://nvd.nist.gov/vuln/detail/CVE-2021-4209 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4209.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gaFOKxy9D9KR/Iyd+kDZoA==": { "id": "gaFOKxy9D9KR/Iyd+kDZoA==", "updater": "rhel-vex", "name": "CVE-2025-50182", "description": "A flaw was found in urllib3. The library fails to properly validate redirect URLs, allowing an attacker to manipulate redirect chains when used in environments like Pyodide utilizing the JavaScript Fetch API. This lack of validation can enable a remote attacker to control the redirect destination, leading to arbitrary URL redirection. Consequently, an attacker can redirect users to malicious websites. This \nvulnerability stems from a failure to constrain the redirect target.", "issued": "2025-06-19T01:42:44Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50182 https://bugzilla.redhat.com/show_bug.cgi?id=2373800 https://www.cve.org/CVERecord?id=CVE-2025-50182 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50182.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gagftKXuSuh9pi4dRu9yPQ==": { "id": "gagftKXuSuh9pi4dRu9yPQ==", "updater": "rhel-vex", "name": "CVE-2024-2511", "description": "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv1.3 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", "issued": "2024-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2511 https://bugzilla.redhat.com/show_bug.cgi?id=2274020 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://www.openssl.org/news/vulnerabilities.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2511.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "h6rS2s3xilGaG0a+pIjl8A==": { "id": "h6rS2s3xilGaG0a+pIjl8A==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hfBpyVezkUAf98QWnlvzIA==": { "id": "hfBpyVezkUAf98QWnlvzIA==", "updater": "rhel-vex", "name": "CVE-2026-34743", "description": "A flaw was found in XZ Utils. When the `lzma_index_decoder()` function processes an empty index, and a subsequent `lzma_index_append()` operation is performed, insufficient memory is allocated. This can lead to a buffer overflow, potentially causing a denial of service (DoS) for affected systems.", "issued": "2026-04-02T18:36:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34743 https://bugzilla.redhat.com/show_bug.cgi?id=2454589 https://www.cve.org/CVERecord?id=CVE-2026-34743 https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34743.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "xz", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hkP7fdNBNcMv5alTtw0c+Q==": { "id": "hkP7fdNBNcMv5alTtw0c+Q==", "updater": "rhel-vex", "name": "CVE-2025-13151", "description": "A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the `asn1_expend_octet_string` function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service (DoS) condition, making the affected system or application unavailable.", "issued": "2026-01-07T21:14:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13151 https://bugzilla.redhat.com/show_bug.cgi?id=2427698 https://www.cve.org/CVERecord?id=CVE-2025-13151 https://nvd.nist.gov/vuln/detail/CVE-2025-13151 https://gitlab.com/gnutls/libtasn1 https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ho4M6//kfDyE5kZ9fbpV0g==": { "id": "ho4M6//kfDyE5kZ9fbpV0g==", "updater": "rhel-vex", "name": "CVE-2025-14819", "description": "A flaw was found in libcurl. When handling secure connections (TLS) and reusing connection settings, libcurl could incorrectly apply a cached security setting related to certificate chain validation. This could allow libcurl to accept a server's security certificate that it should have otherwise rejected, potentially compromising the integrity of the secure connection.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14819 https://bugzilla.redhat.com/show_bug.cgi?id=2426408 https://www.cve.org/CVERecord?id=CVE-2025-14819 https://nvd.nist.gov/vuln/detail/CVE-2025-14819 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14819.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iEGZHZXt8HWPSM5eJesddQ==": { "id": "iEGZHZXt8HWPSM5eJesddQ==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://gitlab.gnome.org/GNOME/glib/-/issues/3716 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "icj6a8bc4dYK/DJNvkU0+A==": { "id": "icj6a8bc4dYK/DJNvkU0+A==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ieASPdYzGxWke8nZZhE02Q==": { "id": "ieASPdYzGxWke8nZZhE02Q==", "updater": "rhel-vex", "name": "CVE-2018-20657", "description": "A vulnerability was found in the demangle_template function in GNU libiberty, as distributed in GNU Binutils, where a memory leak could occur, a specially crafted file could cause the application to consume excessive memory, potentially leading to a crash.", "issued": "2018-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20657 https://bugzilla.redhat.com/show_bug.cgi?id=1664708 https://www.cve.org/CVERecord?id=CVE-2018-20657 https://nvd.nist.gov/vuln/detail/CVE-2018-20657 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20657.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j1KIfSLRyAo+5FqbDzJbtg==": { "id": "j1KIfSLRyAo+5FqbDzJbtg==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jguV9kU5iHC5V/cF3+b/tg==": { "id": "jguV9kU5iHC5V/cF3+b/tg==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jw1ZiDut5Ot+DyVFjCrixg==": { "id": "jw1ZiDut5Ot+DyVFjCrixg==", "updater": "rhel-vex", "name": "CVE-2020-19188", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19188 https://bugzilla.redhat.com/show_bug.cgi?id=2234913 https://www.cve.org/CVERecord?id=CVE-2020-19188 https://nvd.nist.gov/vuln/detail/CVE-2020-19188 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19188.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kCsMurCi7F77HxJoLqd9jA==": { "id": "kCsMurCi7F77HxJoLqd9jA==", "updater": "rhel-vex", "name": "CVE-2026-34978", "description": "A flaw was found in OpenPrinting CUPS. A remote attacker can exploit a path traversal vulnerability in the RSS notifier by manipulating the `notify-recipient-uri`. This allows writing arbitrary RSS XML data to sensitive files outside the intended directory. This can lead to a denial of service (DoS) by corrupting critical system files, such as the job cache, causing the scheduler to fail and previously queued jobs to disappear.", "issued": "2026-04-03T21:15:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34978 https://bugzilla.redhat.com/show_bug.cgi?id=2454957 https://www.cve.org/CVERecord?id=CVE-2026-34978 https://nvd.nist.gov/vuln/detail/CVE-2026-34978 https://github.com/OpenPrinting/cups/security/advisories/GHSA-f53q-7mxp-9gcr https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34978.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kYYDrncBncmKkmFnSd5t3w==": { "id": "kYYDrncBncmKkmFnSd5t3w==", "updater": "rhel-vex", "name": "CVE-2017-6519", "description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", "issued": "2015-03-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2017-6519 https://bugzilla.redhat.com/show_bug.cgi?id=1426712 https://www.cve.org/CVERecord?id=CVE-2017-6519 https://nvd.nist.gov/vuln/detail/CVE-2017-6519 https://www.kb.cert.org/vuls/id/550620 https://security.access.redhat.com/data/csaf/v2/vex/2017/cve-2017-6519.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "klCkJxhhNVG564GOUQMh+Q==": { "id": "klCkJxhhNVG564GOUQMh+Q==", "updater": "rhel-vex", "name": "CVE-2026-5745", "description": "A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare \"d\" or \"default\" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5745 https://bugzilla.redhat.com/show_bug.cgi?id=2455921 https://www.cve.org/CVERecord?id=CVE-2026-5745 https://nvd.nist.gov/vuln/detail/CVE-2026-5745 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5745.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "m8ueKfgkaYIYTU+xtIQcwA==": { "id": "m8ueKfgkaYIYTU+xtIQcwA==", "updater": "rhel-vex", "name": "CVE-2022-3857", "description": "[REJECTED CVE] A issue has been identified with libpng in png_setup_paeth_row() function. A crafted PNG image from a n attacker can lead to a segmentation fault and Denial of service.", "issued": "2022-11-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3857 https://bugzilla.redhat.com/show_bug.cgi?id=2142600 https://www.cve.org/CVERecord?id=CVE-2022-3857 https://nvd.nist.gov/vuln/detail/CVE-2022-3857 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3857.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mRazAXjBcgFrTolNDZHDsA==": { "id": "mRazAXjBcgFrTolNDZHDsA==", "updater": "rhel-vex", "name": "CVE-2025-6069", "description": "A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.", "issued": "2025-06-17T13:39:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6069 https://bugzilla.redhat.com/show_bug.cgi?id=2373234 https://www.cve.org/CVERecord?id=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/pull/135464 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6069.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mVT54HSCxoOy6IF9Noa/Zw==": { "id": "mVT54HSCxoOy6IF9Noa/Zw==", "updater": "rhel-vex", "name": "CVE-2026-6100", "description": "A flaw was found in Python's decompression modules, including `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile`. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is experiencing high memory usage. Exploitation of this flaw could potentially allow an attacker to execute arbitrary code or access sensitive data. The vulnerability is only present if the program re-uses decompressor instances across multiple decompression calls even after a `MemoryError` is raised during decompression. Using the helper functions to one-shot decompress data such as `lzma.decompress()`, `bz2.decompress()`, `gzip.decompress()`, and `zlib.decompress()` are not affected as a new decompressor instance is used per call. If the decompressor instance is not re-used after an error condition, this usage is similarly not vulnerable.", "issued": "2026-04-13T17:15:47Z", "links": "https://access.redhat.com/security/cve/CVE-2026-6100 https://bugzilla.redhat.com/show_bug.cgi?id=2457932 https://www.cve.org/CVERecord?id=CVE-2026-6100 https://nvd.nist.gov/vuln/detail/CVE-2026-6100 https://github.com/python/cpython/commit/6a5f79c8d7bbf22b083b240910c7a8781a59437d https://github.com/python/cpython/commit/8fc66aef6d7b3ae58f43f5c66f9366cc8cbbfcd2 https://github.com/python/cpython/commit/c3cf71c3366fe49acb776a639405c0eea6169c20 https://github.com/python/cpython/issues/148395 https://github.com/python/cpython/pull/148396 https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6100.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mouoWVvs12H8FynnB5qIsQ==": { "id": "mouoWVvs12H8FynnB5qIsQ==", "updater": "rhel-vex", "name": "CVE-2019-14250", "description": "This issue resides on libiberty code, a part of binutils, distributed with different versions of RH software. The vulnerability is triggered when the shstrndx (Section Header String Table Index) is zero in the ELF file. This specific condition leads to the integer overflow and subsequent buffer overflow.", "issued": "2019-08-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-14250 https://bugzilla.redhat.com/show_bug.cgi?id=1739490 https://www.cve.org/CVERecord?id=CVE-2019-14250 https://nvd.nist.gov/vuln/detail/CVE-2019-14250 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-14250.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "n83jaRl/T6kiaoMyWtX8xw==": { "id": "n83jaRl/T6kiaoMyWtX8xw==", "updater": "rhel-vex", "name": "CVE-2021-24032", "description": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).", "issued": "2021-02-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-24032 https://bugzilla.redhat.com/show_bug.cgi?id=1928090 https://www.cve.org/CVERecord?id=CVE-2021-24032 https://nvd.nist.gov/vuln/detail/CVE-2021-24032 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-24032.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "nYtstWEUOCTbjAlmYOKURA==": { "id": "nYtstWEUOCTbjAlmYOKURA==", "updater": "rhel-vex", "name": "CVE-2025-4516", "description": "A vulnerability has been identified in CPython's bytes.decode() function when used with the \"unicode_escape\" encoding and the \"ignore\" or \"replace\" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality.", "issued": "2025-05-15T13:29:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4516 https://bugzilla.redhat.com/show_bug.cgi?id=2366509 https://www.cve.org/CVERecord?id=CVE-2025-4516 https://nvd.nist.gov/vuln/detail/CVE-2025-4516 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142 https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e https://github.com/python/cpython/issues/133767 https://github.com/python/cpython/pull/129648 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4516.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ngbKDtxhn33NKWC2lhOQNQ==": { "id": "ngbKDtxhn33NKWC2lhOQNQ==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npBrFSWnZYxq9cizdfDfCQ==": { "id": "npBrFSWnZYxq9cizdfDfCQ==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npQpPXYG8xMJ1LRSVSnKGA==": { "id": "npQpPXYG8xMJ1LRSVSnKGA==", "updater": "rhel-vex", "name": "CVE-2025-8114", "description": "A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.", "issued": "2025-07-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8114 https://bugzilla.redhat.com/show_bug.cgi?id=2383220 https://www.cve.org/CVERecord?id=CVE-2025-8114 https://nvd.nist.gov/vuln/detail/CVE-2025-8114 https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9 https://www.libssh.org/security/advisories/CVE-2025-8114.txt https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8114.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "p2qAiuM4AsdQ5J4fBWvbBA==": { "id": "p2qAiuM4AsdQ5J4fBWvbBA==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pjb5LKdJAfqIzj4N6YBwUQ==": { "id": "pjb5LKdJAfqIzj4N6YBwUQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qC/lM94bJkHuTCcx6Z47mQ==": { "id": "qC/lM94bJkHuTCcx6Z47mQ==", "updater": "rhel-vex", "name": "CVE-2026-32778", "description": "A flaw was found in libexpat. This vulnerability allows an attacker to trigger a NULL pointer dereference in the `setContext` function. This occurs when the system attempts to retry an operation after an out-of-memory condition, which can lead to a Denial of Service (DoS) for the affected application.", "issued": "2026-03-16T07:02:34Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32778 https://bugzilla.redhat.com/show_bug.cgi?id=2447885 https://www.cve.org/CVERecord?id=CVE-2026-32778 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32778.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qXNASosSuCsudML1MqXPjw==": { "id": "qXNASosSuCsudML1MqXPjw==", "updater": "rhel-vex", "name": "CVE-2023-27534", "description": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27534 https://bugzilla.redhat.com/show_bug.cgi?id=2179069 https://www.cve.org/CVERecord?id=CVE-2023-27534 https://nvd.nist.gov/vuln/detail/CVE-2023-27534 https://curl.se/docs/CVE-2023-27534.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27534.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qv1CBAIhzNsoWe8hSWlF1g==": { "id": "qv1CBAIhzNsoWe8hSWlF1g==", "updater": "rhel-vex", "name": "CVE-2026-28390", "description": "A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax (CMS) EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter field without first verifying its presence. This leads to a NULL pointer dereference, which can cause applications processing the attacker-controlled CMS data to crash, resulting in a Denial of Service (DoS).", "issued": "2026-04-07T22:00:54Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28390.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rCI1GSL47zJlliQotxXM4Q==": { "id": "rCI1GSL47zJlliQotxXM4Q==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rEd6JdG2xx5NZ9bcsFRNpw==": { "id": "rEd6JdG2xx5NZ9bcsFRNpw==", "updater": "rhel-vex", "name": "CVE-2026-28388", "description": "A flaw was found in OpenSSL. When processing a malformed delta Certificate Revocation List (CRL) that lacks a required CRL Number extension, a NULL pointer dereference can occur. This vulnerability can be exploited by a remote attacker who provides a specially crafted delta CRL to an application that has delta CRL processing enabled, leading to a Denial of Service (DoS) for the application.", "issued": "2026-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28388 https://bugzilla.redhat.com/show_bug.cgi?id=2451097 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28388.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rEg00U8+//igCt+0+QBUhA==": { "id": "rEg00U8+//igCt+0+QBUhA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rVgBV65FWtFg3jitEqotFA==": { "id": "rVgBV65FWtFg3jitEqotFA==", "updater": "rhel-vex", "name": "CVE-2024-0727", "description": "A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the \"type\" is a valid value, which can lead to a null dereference error that may cause a denial of service.", "issued": "2024-01-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/show_bug.cgi?id=2259944 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://github.com/openssl/openssl/pull/23362 https://www.openssl.org/news/secadv/20240125.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0727.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rfyVleP0iFAaKAccoWyLNQ==": { "id": "rfyVleP0iFAaKAccoWyLNQ==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ruDQdx7OmIsgMCpioWbqOQ==": { "id": "ruDQdx7OmIsgMCpioWbqOQ==", "updater": "rhel-vex", "name": "CVE-2025-5351", "description": "A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5351 https://bugzilla.redhat.com/show_bug.cgi?id=2369367 https://www.cve.org/CVERecord?id=CVE-2025-5351 https://nvd.nist.gov/vuln/detail/CVE-2025-5351 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5351.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "s1kzjy+cDztHEcgHrl7kHQ==": { "id": "s1kzjy+cDztHEcgHrl7kHQ==", "updater": "rhel-vex", "name": "CVE-2026-22801", "description": "A flaw was found in libpng, a reference library for PNG (Portable Network Graphics) raster image files. An integer truncation vulnerability exists in the png_write_image_16bit and png_write_image_8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes, leading to a heap buffer over-read. This can result in information disclosure or a denial of service (DoS) to the system.", "issued": "2026-01-12T22:57:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22801 https://bugzilla.redhat.com/show_bug.cgi?id=2428824 https://www.cve.org/CVERecord?id=CVE-2026-22801 https://nvd.nist.gov/vuln/detail/CVE-2026-22801 https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22801.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sExC9WXn4M01POjg0haQrA==": { "id": "sExC9WXn4M01POjg0haQrA==", "updater": "rhel-vex", "name": "CVE-2026-34933", "description": "A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.", "issued": "2026-04-03T22:43:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-34933 https://bugzilla.redhat.com/show_bug.cgi?id=2454978 https://www.cve.org/CVERecord?id=CVE-2026-34933 https://nvd.nist.gov/vuln/detail/CVE-2026-34933 https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c https://github.com/avahi/avahi/pull/891 https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34933.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sGwL9v57mGx7f18qBkIacA==": { "id": "sGwL9v57mGx7f18qBkIacA==", "updater": "rhel-vex", "name": "CVE-2025-6075", "description": "A vulnerability in Python’s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.", "issued": "2025-10-31T16:41:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6075 https://bugzilla.redhat.com/show_bug.cgi?id=2408891 https://www.cve.org/CVERecord?id=CVE-2025-6075 https://nvd.nist.gov/vuln/detail/CVE-2025-6075 https://github.com/python/cpython/issues/136065 https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6075.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sRVcQFAdq4Ll42smqacaCw==": { "id": "sRVcQFAdq4Ll42smqacaCw==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sThg2GGoKqa1RTJ5skEJTA==": { "id": "sThg2GGoKqa1RTJ5skEJTA==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t3XJyztcU9aOXTMLI8NRmA==": { "id": "t3XJyztcU9aOXTMLI8NRmA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t4oe6DBPNf5Ikk93RfTdig==": { "id": "t4oe6DBPNf5Ikk93RfTdig==", "updater": "rhel-vex", "name": "CVE-2019-12904", "description": "[Disputed] A vulnerability has been identified in Libgcrypt due to a flaw in its C implementation of AES. This vulnerability enables a remote attacker to perform a flush-and-reload side-channel attack, potentially accessing sensitive information. The vulnerability arises from the availability of physical addresses to other processes, particularly on platforms lacking an assembly-language implementation.", "issued": "2019-07-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12904 https://bugzilla.redhat.com/show_bug.cgi?id=1730320 https://www.cve.org/CVERecord?id=CVE-2019-12904 https://nvd.nist.gov/vuln/detail/CVE-2019-12904 https://dev.gnupg.org/T4541 https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12904.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tYeLT/YUKIk7yaK07WvPeA==": { "id": "tYeLT/YUKIk7yaK07WvPeA==", "updater": "rhel-vex", "name": "CVE-2026-32776", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-16T06:54:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32776 https://bugzilla.redhat.com/show_bug.cgi?id=2447888 https://www.cve.org/CVERecord?id=CVE-2026-32776 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32776.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "teoauN/Djw6odXikmjP4Lw==": { "id": "teoauN/Djw6odXikmjP4Lw==", "updater": "rhel-vex", "name": "CVE-2025-68471", "description": "A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.", "issued": "2026-01-12T17:39:57Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68471 https://bugzilla.redhat.com/show_bug.cgi?id=2428717 https://www.cve.org/CVERecord?id=CVE-2025-68471 https://nvd.nist.gov/vuln/detail/CVE-2025-68471 https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1 https://github.com/avahi/avahi/issues/678 https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68471.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tlWVK61iOpKPkvmeShS9AQ==": { "id": "tlWVK61iOpKPkvmeShS9AQ==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tnBbKyfWYMq7GMqd8UCfIw==": { "id": "tnBbKyfWYMq7GMqd8UCfIw==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u7b5r2PfK9a1QyjBR1cFRw==": { "id": "u7b5r2PfK9a1QyjBR1cFRw==", "updater": "rhel-vex", "name": "CVE-2026-4046", "description": "A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the `iconv()` function. This could lead to an assertion failure, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-30T17:16:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4046 https://bugzilla.redhat.com/show_bug.cgi?id=2453117 https://www.cve.org/CVERecord?id=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 https://packages.fedoraproject.org/pkgs/glibc/glibc-gconv-extra/ https://sourceware.org/bugzilla/show_bug.cgi?id=33980 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4046.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uEggs7thHCRp4eZu5EDH0A==": { "id": "uEggs7thHCRp4eZu5EDH0A==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uWVbYb9OwW4BBqLbnE2d4A==": { "id": "uWVbYb9OwW4BBqLbnE2d4A==", "updater": "rhel-vex", "name": "CVE-2026-23865", "description": "A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or denial of service.", "issued": "2026-03-02T16:09:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-23865 https://bugzilla.redhat.com/show_bug.cgi?id=2443891 https://www.cve.org/CVERecord?id=CVE-2026-23865 https://nvd.nist.gov/vuln/detail/CVE-2026-23865 https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c https://sourceforge.net/projects/freetype/files/freetype2/2.14.2/ https://www.facebook.com/security/advisories/cve-2026-23865 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23865.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uxd8tIEkk+r2hWTEgvyv8w==": { "id": "uxd8tIEkk+r2hWTEgvyv8w==", "updater": "rhel-vex", "name": "CVE-2019-9936", "description": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9936 https://bugzilla.redhat.com/show_bug.cgi?id=1692365 https://www.cve.org/CVERecord?id=CVE-2019-9936 https://nvd.nist.gov/vuln/detail/CVE-2019-9936 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9936.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "v1exQXePimNPt3tveLBP9g==": { "id": "v1exQXePimNPt3tveLBP9g==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vTJZ/R8pdcyDbwAwRi8cBw==": { "id": "vTJZ/R8pdcyDbwAwRi8cBw==", "updater": "rhel-vex", "name": "CVE-2025-15079", "description": "A flaw was found in curl. When performing SSH-based transfers using SCP or SFTP, libcurl could mistakenly connect to hosts not listed in the user-specified knownhosts file. This occurs if the host is present in the libssh global knownhosts file, effectively bypassing the intended host verification. This could allow a remote attacker to connect to an untrusted host, potentially leading to information disclosure or man-in-the-middle attacks.", "issued": "2026-01-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15079 https://bugzilla.redhat.com/show_bug.cgi?id=2426409 https://www.cve.org/CVERecord?id=CVE-2025-15079 https://nvd.nist.gov/vuln/detail/CVE-2025-15079 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15079.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vx2N2RZTm7neux8kVlqgEg==": { "id": "vx2N2RZTm7neux8kVlqgEg==", "updater": "rhel-vex", "name": "CVE-2026-5704", "description": "A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.", "issued": "2026-04-06T13:36:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5704 https://bugzilla.redhat.com/show_bug.cgi?id=2455360 https://www.cve.org/CVERecord?id=CVE-2026-5704 https://nvd.nist.gov/vuln/detail/CVE-2026-5704 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5704.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wbBiCPikq6Iz02EPsysTgA==": { "id": "wbBiCPikq6Iz02EPsysTgA==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wxS+u/uf8o4sT9iSccXQwA==": { "id": "wxS+u/uf8o4sT9iSccXQwA==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xCUiEQAH1lfhrKtUxQDIYA==": { "id": "xCUiEQAH1lfhrKtUxQDIYA==", "updater": "rhel-vex", "name": "CVE-2021-39537", "description": "A heap overflow vulnerability has been identified in the ncurses package, particularly in the \"tic\". This flaw results from a lack of proper bounds checking during input processing. By exploiting this boundary error, an attacker can create a malicious file, deceive the victim into opening it using the affected software, and initiate an out-of-bounds write, potentially impacting system availability.", "issued": "2020-08-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-39537 https://bugzilla.redhat.com/show_bug.cgi?id=2006978 https://www.cve.org/CVERecord?id=CVE-2021-39537 https://nvd.nist.gov/vuln/detail/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-39537.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xKLQGv5zNwcnWtQQKiO3Ww==": { "id": "xKLQGv5zNwcnWtQQKiO3Ww==", "updater": "rhel-vex", "name": "CVE-2026-25645", "description": "A flaw was found in the `requests` HTTP library, specifically in the `requests.utils.extract_zipped_paths()` function, which is used to load Certificate Authority (CA) bundles. A local attacker can exploit this vulnerability by pre-creating a malicious CA bundle file in the system's temporary directory. When a vulnerable application initializes the `requests` library, it may load this malicious file instead of the legitimate CA bundle, leading to a bypass of security controls and potential integrity compromise.", "issued": "2026-03-25T17:02:48Z", "links": "https://access.redhat.com/security/cve/CVE-2026-25645 https://bugzilla.redhat.com/show_bug.cgi?id=2451408 https://www.cve.org/CVERecord?id=CVE-2026-25645 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25645.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xLIujTim86EomaRofe4tDg==": { "id": "xLIujTim86EomaRofe4tDg==", "updater": "rhel-vex", "name": "CVE-2023-32611", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32611 https://bugzilla.redhat.com/show_bug.cgi?id=2211829 https://www.cve.org/CVERecord?id=CVE-2023-32611 https://nvd.nist.gov/vuln/detail/CVE-2023-32611 https://gitlab.gnome.org/GNOME/glib/-/issues/2797 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32611.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xYjfT47p5BaLoMKfWyn2HQ==": { "id": "xYjfT47p5BaLoMKfWyn2HQ==", "updater": "rhel-vex", "name": "CVE-2026-24515", "description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "issued": "2026-01-23T07:46:36Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24515 https://bugzilla.redhat.com/show_bug.cgi?id=2432312 https://www.cve.org/CVERecord?id=CVE-2026-24515 https://nvd.nist.gov/vuln/detail/CVE-2026-24515 https://github.com/libexpat/libexpat/pull/1131 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24515.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xjRJnKlNaH/FGi0NN5VKBQ==": { "id": "xjRJnKlNaH/FGi0NN5VKBQ==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1019 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yGCmffaimhyTCMJRNZflXg==": { "id": "yGCmffaimhyTCMJRNZflXg==", "updater": "rhel-vex", "name": "CVE-2026-5121", "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.", "issued": "2026-03-30T07:44:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-5121 https://bugzilla.redhat.com/show_bug.cgi?id=2452945 https://www.cve.org/CVERecord?id=CVE-2026-5121 https://nvd.nist.gov/vuln/detail/CVE-2026-5121 https://github.com/advisories/GHSA-2vwv-vqpv-v8vc https://github.com/libarchive/libarchive/pull/2934 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5121.json https://access.redhat.com/errata/RHSA-2026:8534", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|amd64|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.3.3-7.el8_10", "arch_op": "pattern match" }, "yePhQ2wYSrZV2+z+gEbpRg==": { "id": "yePhQ2wYSrZV2+z+gEbpRg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yuFlxOGqQlDuMCywIIELNw==": { "id": "yuFlxOGqQlDuMCywIIELNw==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zMNYUY09QO2aCVD23XG4dw==": { "id": "zMNYUY09QO2aCVD23XG4dw==", "updater": "rhel-vex", "name": "CVE-2025-8277", "description": "A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.", "issued": "2025-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8277 https://bugzilla.redhat.com/show_bug.cgi?id=2383888 https://www.cve.org/CVERecord?id=CVE-2025-8277 https://nvd.nist.gov/vuln/detail/CVE-2025-8277 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8277.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+hvIC0Et/RtHi7EAFCmfEw==": [ "O6eQrDqYe8zCvECWFMIzFQ==", "MRnBR1NwPejsF0F/Po53Ew==" ], "+qrxjVH7Im8eBfrz4h4P/w==": [ "Zp9+pixFuNBueE2yO610gQ==" ], "/ji9IJ9FfNcwqVRbMWZshQ==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "0+9x6aIRcNDCM7R94cpzew==": [ "8TgjbHNGzIFm7/fF9DBU7Q==", "1vG4ZYIu07BTj9XJ+a+P9Q==", "B5eXEM8SeidgdpzXoFJFGQ==", "m8ueKfgkaYIYTU+xtIQcwA==", "Te9j1HGn7feNCE/Fduu0+A==", "YoCxZvEp16Bt9LDv+Ficeg==", "I31WPu2ZGWOsqloSJfE2Fg==", "uWVbYb9OwW4BBqLbnE2d4A==", "cW+DgNrGAeRAwNB4wrDZhw==", "VPoF+qCqaQ4y2sVl2255/g==", "s1kzjy+cDztHEcgHrl7kHQ==", "OTZM0RD60ajdSeEqWGkkTw==", "29qrZyz+fmdn9Nzjpl2/Pg==", "6p6EeZQEuYkK2CtO4ey3Ag==", "FkRDB0vpJYeh2ipqLS0/Iw==" ], "2PBlaOceApWEi634ZUHO/g==": [ "mRazAXjBcgFrTolNDZHDsA==", "h6rS2s3xilGaG0a+pIjl8A==", "mVT54HSCxoOy6IF9Noa/Zw==", "sGwL9v57mGx7f18qBkIacA==", "6Xr5PbPGSy+aHLDQ9q4L9w==", "RVCidRUm4D1IKoPhoUi2AA==", "L3k0cIIlkMGQFiWnZm8Mlg==", "XXiaw1EwhFkuilI94EKiqQ==", "X37PWFfcTFBuBxL2613UQg==", "0QzoXQSqkKieJ7Oc+px0JA==", "8qOJVWAut1+UqTXPOWH12g==", "HB9r/GLycEmk6aXttwtBlw==", "2U8ppg+02PjFDuM5YqFstQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "nYtstWEUOCTbjAlmYOKURA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "IItHEdPWz5fl9O7ZhzjDAA==", "OFdQC3/0S5rItoyqpACTFw==", "8rvqTFlh9aOz4UvxQN0SBQ==", "cCowLuOsLfTMmPFOoqUVww==" ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ "fvGjL9hw9hDQockMTb7lrA==" ], "4uQuJg+li+gGAwnGRDcs+w==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "7eg89eCgA75bJ7WhhN/T4Q==": [ "eqoqeJN8gMUINJLH2PXP7g==", "hkP7fdNBNcMv5alTtw0c+Q==" ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ "t4oe6DBPNf5Ikk93RfTdig==", "fXpWtuXNPi3tb2edhk37bw==" ], "AIs6pmCup5N9+6Ag6e2/og==": [ "qv1CBAIhzNsoWe8hSWlF1g==", "UPzTyNn8ZLXlb+bwRFPPTA==", "WcChSpNAL6V9Xfxc9AqW7g==", "ZkEez7f24VNVhTaTCDhuEg==", "6FQUI3OxX4C5skWXKgq80Q==", "OpUahpCA4oBceG962KxTMA==", "QcOTYeOedG0AUhPSakMpIA==", "rEd6JdG2xx5NZ9bcsFRNpw==", "PcNbuWOo0ahqjfbOQhXvvQ==", "gagftKXuSuh9pi4dRu9yPQ==", "8D3i4K1ylUr5dGk9imV9zA==", "97PwDrD8knMveLXwKCvQjA==", "tlWVK61iOpKPkvmeShS9AQ==", "86unVXyTxdffdcXWZTYw5g==", "BV++s35Ur4bQRS6HK0QCIA==", "OLKvdPVgT9/lPcflJTxE3Q==", "UgHucRu0hN47CoyxGAMXTQ==", "rCI1GSL47zJlliQotxXM4Q==", "Fp999hDC/lucBsNHwOlp/A==", "VLzwKVDYC7fQrtcpCzjXjA==", "QUtTYJuHdkAOgtveagWUfA==", "LWLSX4FCLbzYWK97i5Or+A==", "rVgBV65FWtFg3jitEqotFA==" ], "AuC6XQzcU/5tB4luIfjLFg==": [ "HTk+AAyRWNCrZTtBLx34Aw==" ], "AziZ1oGI+oDXVPzldKNj+w==": [ "3O4IzHXnRQMZXCe1gYATvw==" ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "DV119Dw0W4RdsbJkdoHU9w==": [ "qXNASosSuCsudML1MqXPjw==", "rfyVleP0iFAaKAccoWyLNQ==", "8KJb4x3mXgChaQULEsid2A==", "Znm2hdK/FULQhTTGTVX59Q==", "v1exQXePimNPt3tveLBP9g==", "pjb5LKdJAfqIzj4N6YBwUQ==", "crmilTSJ/pTSPBKY9EJmZg==", "fayrPya6DVXP9weWvA6obQ==", "TuBnhFrkwMqIcYtYYgNGNQ==", "ho4M6//kfDyE5kZ9fbpV0g==", "wbBiCPikq6Iz02EPsysTgA==", "vTJZ/R8pdcyDbwAwRi8cBw==", "Pe4IHqZpuBtuSkrgd2HMEg==" ], "DgyhtZBcSIlVmY6xC8s1mA==": [ "j1KIfSLRyAo+5FqbDzJbtg==" ], "EGfzPeF6a5hj9x4BwoN25A==": [ "SixpK4TZp5ARiPVlZlGpew==" ], "FS5/DAbDsXWURU9onlACPA==": [ "Q5xJp4zJ1MCYcYbDi9qrdQ==" ], "J34PJ2GThOWZuKVgFIoieA==": [ "uEggs7thHCRp4eZu5EDH0A==" ], "LXiVkIlXLq/usMYIwCTH8Q==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "LkoLKEri5dIAb0vFMkSOag==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "N1RbIRo2SyHosQefv+skDw==": [ "UbmdE2pHXRFccv8l1e02Jw==" ], "N3ZaMrNJKoumMpaY0smlMQ==": [ "8ZxbhBIT+9Mj99/XbMpLSQ==", "9zRC9UwUH2bQs1UcHQ5UTQ==", "uxd8tIEkk+r2hWTEgvyv8w==", "5B1tQ2BK8z/YjRkYcvwqag==", "tnBbKyfWYMq7GMqd8UCfIw==" ], "NguWV8S6YQYvQsGQDJm2Rg==": [ "xCUiEQAH1lfhrKtUxQDIYA==", "HuOxI+pWjgGV0XsBvltzlg==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "jw1ZiDut5Ot+DyVFjCrixg==", "673FKazcUiydbfN5c6amaw==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "VsocCwaFpF6PzdX5PxR+sQ==", "S7qx7a03HASsJhyQafvXjg==" ], "ORsDK2A5479NPB0r01PoXQ==": [ "qXNASosSuCsudML1MqXPjw==", "rfyVleP0iFAaKAccoWyLNQ==", "8KJb4x3mXgChaQULEsid2A==", "Znm2hdK/FULQhTTGTVX59Q==", "v1exQXePimNPt3tveLBP9g==", "pjb5LKdJAfqIzj4N6YBwUQ==", "crmilTSJ/pTSPBKY9EJmZg==", "fayrPya6DVXP9weWvA6obQ==", "TuBnhFrkwMqIcYtYYgNGNQ==", "ho4M6//kfDyE5kZ9fbpV0g==", "wbBiCPikq6Iz02EPsysTgA==", "vTJZ/R8pdcyDbwAwRi8cBw==", "Pe4IHqZpuBtuSkrgd2HMEg==" ], "POPH5BJ/Q4Bfen05TT291g==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "Q0uPb/t/3IQ8GEwlv/J3Cw==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "QC6e3OaV78mjs678tGU2KQ==": [ "eohUFw28jV3sGLZE2CBPXA==", "H9Ud41wofJc/QlL6Rm7WkA==", "avzu5SRbIjcduH4QdmZ1gg==", "OgFGrvrnAoXXvapnatTrxQ==", "XbpXfbeApuDuIKvY0/qWiA==", "ruDQdx7OmIsgMCpioWbqOQ==", "zMNYUY09QO2aCVD23XG4dw==", "npQpPXYG8xMJ1LRSVSnKGA==", "KCgCqCavM9U0xL+GHJqzSg==", "Rfm1tD+QxSP/TVjKFDNabg==" ], "U3ZkYu9FoEzQITrVBlQtLA==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ "sRVcQFAdq4Ll42smqacaCw==", "mouoWVvs12H8FynnB5qIsQ==", "ieASPdYzGxWke8nZZhE02Q==" ], "Vax934M9zGbzjdT3Y/XU9w==": [ "6Cqvzp5JbuVfHsuYnIJNFw==", "u7b5r2PfK9a1QyjBR1cFRw==", "cqYWiTibDLM7aibErMKang==" ], "Wq1n4jzKBPdL9z5l5HD99w==": [ "DDWmqlxBSfXi2KJJ5mwTNg==", "8Sec+JvKiQWGqYCOBdZhjg==", "wxS+u/uf8o4sT9iSccXQwA==", "AE8Cp1u8I9t52OYW7oGU4w==", "HNpGGr9eP5twQKC3yCh1mA==", "O8fIVXqcGshIonMWsEH9gA==", "EQ4eP3gKo3y8JsWUiWr6+g==", "XygysGe2kdlyCRQHM1fu3w==", "OPNDKUsVLJt2v1gO1zvkBA==", "YiJlkUTKf0/7+ORZMmQ2cw==", "4/mftydHpy90Umw3G0mTuQ==", "klCkJxhhNVG564GOUQMh+Q==", "/QaL/BUIdoF2MAB/C1YiGQ==", "yGCmffaimhyTCMJRNZflXg==" ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ "yuFlxOGqQlDuMCywIIELNw==", "sThg2GGoKqa1RTJ5skEJTA==", "W/d4trZ7jb2yxjrq4cNOWA==", "0nQ3GJDLY22M176Z5ESg6A==" ], "auI8KtI6OozP7EAIr9UlQQ==": [ "icj6a8bc4dYK/DJNvkU0+A==" ], "bWUdPEYmtshwdmuX5VapfQ==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "f/Al/eNlUhjEgKSV0J2z7w==": [ "QSNBg/XspHcBwSxBTMU4rg==", "xKLQGv5zNwcnWtQQKiO3Ww==", "gaFOKxy9D9KR/Iyd+kDZoA==", "HuLJLN6ajygY/CpLyzV5lw==", "8I2jFG8JRR+6+eqqYlXhAg==" ], "h53SWWmMQUh4cLyBmYeNvw==": [ "Bgew407C4GMDdNe8dNeN7w==", "9jHXNtwzqlOir/Op7pd9+w==", "Rw8DyDlyRHRJOeZaAbGMRA==", "A1UDSDMkPKOSx7ma/geQyg==", "MW3KGjkk7BWuR5JCc6cywg==", "kYYDrncBncmKkmFnSd5t3w==", "teoauN/Djw6odXikmjP4Lw==", "7lnphmrb/VojuhlikpNO5w==", "sExC9WXn4M01POjg0haQrA==" ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ "sRVcQFAdq4Ll42smqacaCw==", "mouoWVvs12H8FynnB5qIsQ==", "ieASPdYzGxWke8nZZhE02Q==" ], "isPl2YxnCTfcLmUYH6Q0sA==": [ "WGvgNwrW2u5APZcidQ6v1Q==" ], "j5YRt82iOHry4ndSyCLgaA==": [ "/1CYFiexnJcM7p4YrI/FVg==", "eCNdMtt9JN2Rrb8I23NIsA==", "RdjNn4dAdZKcn6VS95a/SQ==", "K3eafQ/8P8PEZ3BPWZfCgg==", "UyCjBcpeB0nhkRTVhUcAJQ==", "kCsMurCi7F77HxJoLqd9jA==", "0WTD6ZUY2Zj2w0R3oyPWRw==", "9oBjtBiHtz7+Hwc4swPaAw==", "3IgZDz5UYkhu/U1/4kSWKg==" ], "jSeaYCeiTMhbTniYmwK8dQ==": [ "mRazAXjBcgFrTolNDZHDsA==", "h6rS2s3xilGaG0a+pIjl8A==", "mVT54HSCxoOy6IF9Noa/Zw==", "sGwL9v57mGx7f18qBkIacA==", "6Xr5PbPGSy+aHLDQ9q4L9w==", "RVCidRUm4D1IKoPhoUi2AA==", "L3k0cIIlkMGQFiWnZm8Mlg==", "XXiaw1EwhFkuilI94EKiqQ==", "X37PWFfcTFBuBxL2613UQg==", "0QzoXQSqkKieJ7Oc+px0JA==", "8qOJVWAut1+UqTXPOWH12g==", "HB9r/GLycEmk6aXttwtBlw==", "2U8ppg+02PjFDuM5YqFstQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "nYtstWEUOCTbjAlmYOKURA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "IItHEdPWz5fl9O7ZhzjDAA==", "OFdQC3/0S5rItoyqpACTFw==", "8rvqTFlh9aOz4UvxQN0SBQ==", "cCowLuOsLfTMmPFOoqUVww==" ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ "qC/lM94bJkHuTCcx6Z47mQ==", "KExChYIaW0MvXNLWbjS/Hw==", "RYqFgDYIttLgJc8B82sK/w==", "xYjfT47p5BaLoMKfWyn2HQ==", "Lt2Hg7sVYgz0GD7ldFmjjA==", "tYeLT/YUKIk7yaK07WvPeA==" ], "k4gCNgIfg7MM/e42ThRx2w==": [ "n83jaRl/T6kiaoMyWtX8xw==", "AZQ9MHTiNLYiRU7sYZlVGw==" ], "ka4b0+TZOGmroTz/rrRQcg==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "kwc9NYOQig+qWs5qmBRL/w==": [ "xCUiEQAH1lfhrKtUxQDIYA==", "HuOxI+pWjgGV0XsBvltzlg==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "jw1ZiDut5Ot+DyVFjCrixg==", "673FKazcUiydbfN5c6amaw==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "VsocCwaFpF6PzdX5PxR+sQ==", "S7qx7a03HASsJhyQafvXjg==" ], "lU0MYRg2dg5wynl2dMGsgA==": [ "hfBpyVezkUAf98QWnlvzIA==" ], "mtrWxjnWyzrIFOuHVeUG6g==": [ "UoEFDYM+Gqf2mdRJh5HUFw==", "8rxYDEPu2XxazQ3cBUhX0Q==", "9uK7ZDYgFtqP786n0QunAg==", "UMD4nV1Ky5C5eKUMgtnKzw==", "W/DMqBRMDYVkVH3D67luGg==", "XBiy/XVR6SoThCkYUmkD1g==", "vx2N2RZTm7neux8kVlqgEg==" ], "oSDtB9GflLljTYeOAikyIQ==": [ "0fCtWwB6iclgRvIA+IqiJQ==", "EiL50P2QSOoRA18XAAH6Pg==", "EKs36DFwHVCzU/cF0Be9pQ==", "xLIujTim86EomaRofe4tDg==", "KaROgE0QmtiOixMG9Wi1RA==", "ElIjMFAz33tt/XVMysRkdA==", "jguV9kU5iHC5V/cF3+b/tg==", "Oi3Y6I7JDcoQrQyH+jMXWw==", "p2qAiuM4AsdQ5J4fBWvbBA==", "iEGZHZXt8HWPSM5eJesddQ==", "npBrFSWnZYxq9cizdfDfCQ==", "ngbKDtxhn33NKWC2lhOQNQ==" ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ "eohUFw28jV3sGLZE2CBPXA==", "H9Ud41wofJc/QlL6Rm7WkA==", "avzu5SRbIjcduH4QdmZ1gg==", "OgFGrvrnAoXXvapnatTrxQ==", "XbpXfbeApuDuIKvY0/qWiA==", "ruDQdx7OmIsgMCpioWbqOQ==", "zMNYUY09QO2aCVD23XG4dw==", "npQpPXYG8xMJ1LRSVSnKGA==", "KCgCqCavM9U0xL+GHJqzSg==", "Rfm1tD+QxSP/TVjKFDNabg==" ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ "RXjd5U95osIGXnqCa34Jkg==", "HdAyLUATPStr/HXiy9fgQw==", "92KuvWwbPhsQNPu0knrHAQ==", "G7IyfoPhe9f8QzIGbOfn7Q==", "TLOrmSYL76Du+GI4WD9gMQ==", "7Puka2o1jq4jSr2Hekrfhg==", "xjRJnKlNaH/FGi0NN5VKBQ==", "yePhQ2wYSrZV2+z+gEbpRg==", "EiJx6rOT8KoLX+Wu7/N6HQ==" ], "yI01txXPQZENPfjF45L+Zw==": [ "+nHq7dak7Hkjcru/xpwzhQ==", "L7QbkTbsy8v3tMfOqNsVKQ==" ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ "H2CablNBrQ/I5AsUjk5xyw==", "BooDzA4nzaDI1l3E5zAHgg==", "1lUHOMB3ANHGWpqCBv9Ynw==", "a067YUjLHWzR99JNl/RtGQ==", "t3XJyztcU9aOXTMLI8NRmA==" ] }, "enrichments": {} } pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: konflux-demo-component-kcal-on-push-f7qsx-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 5, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libarchive-3.3.3-6.el8_10 (CVE-2026-4424)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: python3-libs-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2025-66293, CVE-2026-25646, CVE-2026-26740), platform-python-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100), libcap-2.48-6.el8_9 (CVE-2026-4878)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 8 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libarchive-3.3.3-6.el8_10 (CVE-2026-5121)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 1 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libssh-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), libblkid-2.32.1-48.el8_10 (CVE-2026-27456), systemd-libs-239-82.el8_10.15 (CVE-2018-20839, CVE-2025-4598, CVE-2026-29111, CVE-2026-4105), libarchive-3.3.3-6.el8_10 (CVE-2024-57970, CVE-2025-25724, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), glib2-2.56.4-168.el8_10 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), libmount-2.32.1-48.el8_10 (CVE-2026-27456), libuuid-2.32.1-48.el8_10 (CVE-2026-27456), avahi-libs-0.7-27.el8_10.1 (CVE-2024-52615, CVE-2024-52616, CVE-2025-59529, CVE-2025-68276, CVE-2025-68468, CVE-2025-68471, CVE-2026-24401, CVE-2026-34933), file-libs-5.33-27.el8_10 (CVE-2019-8905), tar-2:1.30-11.el8_10 (CVE-2025-45582, CVE-2025-64118, CVE-2026-33056, CVE-2026-5704), xz-libs-5.2.4-4.el8_6 (CVE-2026-34743), expat-2.5.0-1.el8_10 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), libssh-config-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), libsmartcols-2.32.1-48.el8_10 (CVE-2026-27456), python3-libs-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-22693, CVE-2026-22695, CVE-2026-22801, CVE-2026-23865, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757), libzstd-1.4.4-1.el8 (CVE-2022-4899), coreutils-single-8.30-17.el8_10 (CVE-2025-5278), openldap-2.4.46-21.el8_10 (CVE-2026-22185), glibc-common-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), libcurl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), libxml2-2.9.7-21.el8_10.3 (CVE-2025-9714, CVE-2026-0990, CVE-2026-1757), curl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), python3-pip-wheel-9.0.3-24.el8 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182, CVE-2026-25645), libgcrypt-1.8.5-7.el8_6 (CVE-2019-12904, CVE-2024-2236), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0466, CVE-2026-28390), alsa-lib-1.2.10-2.el8 (CVE-2026-25068), cups-libs-1:2.2.6-67.el8_10 (CVE-2023-4504, CVE-2026-27447, CVE-2026-34978, CVE-2026-34979, CVE-2026-34980, CVE-2026-34990, CVE-2026-39314, CVE-2026-39316), platform-python-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713), glibc-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437), gnupg2-2.2.20-4.el8_10 (CVE-2025-68972)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 120 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: nss-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), gawk-4.2.1-4.el8 (CVE-2023-4156), libssh-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), systemd-libs-239-82.el8_10.15 (CVE-2021-3997), nss-util-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), libarchive-3.3.3-6.el8_10 (CVE-2018-1000879, CVE-2018-1000880, CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), glib2-2.56.4-168.el8_10 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32665, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), sqlite-libs-3.26.0-20.el8_10 (CVE-2019-19244, CVE-2019-9936, CVE-2019-9937, CVE-2024-0232, CVE-2025-70873), avahi-libs-0.7-27.el8_10.1 (CVE-2017-6519), nss-sysinit-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), file-libs-5.33-27.el8_10 (CVE-2019-8906), ncurses-base-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), tar-2:1.30-11.el8_10 (CVE-2019-9923, CVE-2021-20193, CVE-2023-39804), shadow-utils-2:4.6-23.el8_10 (CVE-2024-56433), expat-2.5.0-1.el8_10 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), libssh-config-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), python3-libs-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), nss-softokn-freebl-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), java-17-openjdk-headless-1:17.0.18.0.8-1.el8 (CVE-2022-3857, CVE-2026-27171), libzstd-1.4.4-1.el8 (CVE-2021-24032), gnutls-3.6.16-8.el8_10.5 (CVE-2021-4209), nss-softokn-3.112.0-4.el8_10 (CVE-2020-12413, CVE-2024-7531), ncurses-libs-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), glibc-common-2.28-251.el8_10.31 (CVE-2026-4438), libcurl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), libstdc++-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), pcre2-10.32-3.el8_6 (CVE-2022-41409), libgcc-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), libtasn1-4.13-5.el8_10 (CVE-2018-1000654, CVE-2025-13151), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4438), libxml2-2.9.7-21.el8_10.3 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), curl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), python3-pip-wheel-9.0.3-24.el8 (CVE-2018-20225), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0464, CVE-2023-0465, CVE-2023-2650, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2025-15468, CVE-2025-15469, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-2673, CVE-2026-28386, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), elfutils-libelf-0.190-2.el8 (CVE-2024-25260), dbus-libs-1:1.12.8-27.el8_10 (CVE-2020-35512), cups-libs-1:2.2.6-67.el8_10 (CVE-2021-25317), platform-python-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), glibc-2.28-251.el8_10.31 (CVE-2026-4438), gnupg2-2.2.20-4.el8_10 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), zlib-1.2.11-25.el8 (CVE-2026-27171)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 148 } } ] } ] {"vulnerabilities":{"critical":0,"high":1,"medium":1,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":8,"medium":120,"low":148,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958", "digests": ["sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625"]}} {"result":"SUCCESS","timestamp":"2026-04-19T14:00:34+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: konflux-demo-component-kcal-on-push-f7qsx-clamav-scan-pod | init container: prepare 2026/04/19 14:00:13 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-clamav-scan-pod | init container: place-scripts 2026/04/19 14:00:14 Decoded script /tekton/scripts/script-0-6zjcw 2026/04/19 14:00:14 Decoded script /tekton/scripts/script-1-sbfcj pod: konflux-demo-component-kcal-on-push-f7qsx-clamav-scan-pod | container step-extract-and-scan-image: Starting clamd ... clamd is ready! Detecting artifact type for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625. Detected container image. Processing image manifests. Running "oc image extract" on image of arch amd64 Scanning image for arch amd64. This operation may take a while. ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 51.448 sec (0 m 51 s) Start Date: 2026:04:19 14:00:33 End Date: 2026:04:19 14:01:25 Executed-on: Scan was executed on clamsdcan version - ClamAV 1.4.3/27975/Sat Apr 18 06:26:10 2026 Database version: 27975 [ { "filename": "/work/logs/clamscan-result-log-amd64.json", "namespace": "required_checks", "successes": 2 } ] {"timestamp":"1776607285","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607285","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"timestamp":"1776607285","namespace":"required_checks","successes":2,"failures":0,"warnings":0,"result":"SUCCESS","note":"All checks passed successfully"} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958", "digests": ["sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625"]}} pod: konflux-demo-component-kcal-on-push-f7qsx-clamav-scan-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Attaching to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/vnd.clamav quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 clamscan-result-amd64.log:text/vnd.clamav clamscan-ec-test-amd64.json:application/vnd.konflux.test_output+json Preparing clamscan-result-amd64.log Preparing clamscan-ec-test-amd64.json Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 8602d60e2844 clamscan-result-amd64.log Uploading afe70c7fefa7 clamscan-ec-test-amd64.json Uploaded afe70c7fefa7 clamscan-ec-test-amd64.json Uploaded 8602d60e2844 clamscan-result-amd64.log Uploading dc2f735178ce application/vnd.oci.image.manifest.v1+json Uploaded dc2f735178ce application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 Digest: sha256:dc2f735178ce273a2185770a27bc0ea2d4226a23e037976ce6e8d9c097bd34c2 pod: konflux-demo-component-kcal-on-push-f7qsx-clone-repository-pod | init container: prepare 2026/04/19 13:53:12 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-clone-repository-pod | init container: place-scripts 2026/04/19 13:53:13 Decoded script /tekton/scripts/script-0-mgxff 2026/04/19 13:53:13 Decoded script /tekton/scripts/script-1-mnhpw pod: konflux-demo-component-kcal-on-push-f7qsx-clone-repository-pod | container step-clone: INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt {"level":"info","ts":1776606797.3590403,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606797.5732179,"caller":"git/git.go:223","msg":"Successfully cloned https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo @ 1dc6580ea2177581106ef7a7bc3a5373b5412958 (grafted, HEAD) in path /var/workdir/source"} {"level":"info","ts":1776606797.5732567,"caller":"git/git.go:394","msg":"Retrying operation (attempt 1)"} {"level":"info","ts":1776606797.5961015,"caller":"git/git.go:277","msg":"Successfully initialized and updated submodules in path /var/workdir/source"} Merge option disabled. Using checked-out revision 1dc6580ea2177581106ef7a7bc3a5373b5412958 directly. pod: konflux-demo-component-kcal-on-push-f7qsx-clone-repository-pod | container step-symlink-check: Running symlink check pod: konflux-demo-component-kcal-on-push-f7qsx-clone-repository-pod | container step-create-trusted-artifact: Prepared artifact from /var/workdir/source (sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d) Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras push --registry-config /tmp/create-oci.sh.dpXj19/auth-mmeheK.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958.git SOURCE_ARTIFACT Uploading 58cf784270f1 SOURCE_ARTIFACT Uploaded 58cf784270f1 SOURCE_ARTIFACT Pushed [registry] quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958.git ArtifactType: application/vnd.unknown.artifact.v1 Digest: sha256:df05fd465f28807a73fd8af06355c121a153740af77cec3d1ca4144705440b83 Artifacts created pod: konflux-demo-component-kcal-on-push-f7qsx-init-pod | init container: prepare 2026/04/19 13:53:05 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-init-pod | container step-init: time="2026-04-19T13:53:09Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:53:09Z" level=info msg="[param] enable: false" time="2026-04-19T13:53:09Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:53:09Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:53:09Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:53:09Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:53:09Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:53:09Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:53:09Z" level=info msg="[result] NO PROXY: " pod: konflux-demo-component-kcal-on-push-f7qsx-push-dockerfile-pod | init container: prepare 2026/04/19 13:56:53 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-push-dockerfile-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras blob fetch --registry-config /tmp/use-oci.sh.ryqBIZ/auth-yMURUj.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d --output - Restored artifact quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d to /var/workdir/source pod: konflux-demo-component-kcal-on-push-f7qsx-push-dockerfile-pod | container step-push: time="2026-04-19T13:57:11Z" level=info msg="[param] image-url: quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958" time="2026-04-19T13:57:11Z" level=info msg="[param] image-digest: sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625" time="2026-04-19T13:57:11Z" level=info msg="[param] containerfile: Dockerfile" time="2026-04-19T13:57:11Z" level=info msg="[param] context: ." time="2026-04-19T13:57:11Z" level=info msg="[param] tag-suffix: .dockerfile" time="2026-04-19T13:57:11Z" level=info msg="[param] artifact-type: application/vnd.konflux.dockerfile" time="2026-04-19T13:57:11Z" level=info msg="[param] source: source" time="2026-04-19T13:57:11Z" level=info msg="[param] result-path-image-ref: /tekton/results/IMAGE_REF" time="2026-04-19T13:57:11Z" level=info msg="[param] alternative-filename: Dockerfile" time="2026-04-19T13:57:12Z" level=info msg="oras [stdout] quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:1363cdb50d89b98d455e82148e111ce652d57431a94a6faa96cb864bc4c85bba" logger=CliExecutor time="2026-04-19T13:57:12Z" level=info msg="Containerfile '/var/workdir/source/Dockerfile' is pushed to registry with tag: sha256-f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625.dockerfile" {"image_ref":"quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:1363cdb50d89b98d455e82148e111ce652d57431a94a6faa96cb864bc4c85bba"} pod: konflux-demo-component-kcal-on-push-f7qsx-sast-shell-check-pod | init container: prepare 2026/04/19 13:56:45 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-sast-shell-check-pod | init container: place-scripts 2026/04/19 13:56:45 Decoded script /tekton/scripts/script-1-gbdgw 2026/04/19 13:56:45 Decoded script /tekton/scripts/script-2-zf6lz pod: konflux-demo-component-kcal-on-push-f7qsx-sast-shell-check-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras blob fetch --registry-config /tmp/use-oci.sh.AMa3Ks/auth-lNDZIy.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d --output - Restored artifact quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: konflux-demo-component-kcal-on-push-f7qsx-sast-shell-check-pod | container step-sast-shell-check: + source /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=konflux-demo-component-kcal INFO: The PROJECT_NAME used is: konflux-demo-component-kcal + echo 'INFO: The PROJECT_NAME used is: konflux-demo-component-kcal' + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust ++ rpm -q --queryformat '%{NAME}-%{VERSION}-%{RELEASE}\n' ShellCheck + PACKAGE_VERSION=ShellCheck-0.10.0-3.el9 + OUTPUT_FILE=shellcheck-results.json + SOURCE_CODE_DIR=/var/workdir/source + declare -a ALL_TARGETS + IFS=, + read -ra TARGET_ARRAY + for d in "${TARGET_ARRAY[@]}" + potential_path=/var/workdir/source/. ++ realpath -m /var/workdir/source/. + resolved_path=/var/workdir/source + [[ /var/workdir/source == \/\v\a\r\/\w\o\r\k\d\i\r\/\s\o\u\r\c\e* ]] + ALL_TARGETS+=("$resolved_path") + '[' -z '' ']' + '[' -r /sys/fs/cgroup/cpu.max ']' + read -r quota period + '[' 800000 '!=' max ']' + '[' -n 100000 ']' + '[' 100000 -gt 0 ']' + export SC_JOBS=8 + SC_JOBS=8 + echo 'INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh' INFO: Setting SC_JOBS=8 based on cgroups v2 max for run-shellcheck.sh + /usr/share/csmock/scripts/run-shellcheck.sh /var/workdir/source Looking for shell scripts................ done + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/applypatch-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/post-update.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/prepare-commit-msg.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-applypatch.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-merge-commit.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-push.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-rebase.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/pre-receive.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/push-to-checkout.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/sendemail-validate.sample + timeout 30 shellcheck --format=json1 --external-sources --source-path=/var/workdir/source /var/workdir/source/.git/hooks/update.sample + CSGREP_OPTS=(--mode=json --strip-path-prefix="$SOURCE_CODE_DIR"/ --remove-duplicates --embed-context=3 --set-scan-prop="ShellCheck:${PACKAGE_VERSION}") + [[ true == \t\r\u\e ]] + CSGREP_EVENT_FILTER='\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|' + CSGREP_EVENT_FILTER+='2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|' + CSGREP_EVENT_FILTER+='2218|2224|2225|2242|2256|2258|2261)\]$' + CSGREP_OPTS+=(--event="$CSGREP_EVENT_FILTER") + csgrep --mode=json --strip-path-prefix=/var/workdir/source/ --remove-duplicates --embed-context=3 --set-scan-prop=ShellCheck:ShellCheck-0.10.0-3.el9 '--event=\[SC(1020|1035|1054|1066|1068|1073|1080|1083|1099|1113|1115|1127|1128|1143|2043|2050|2055|2057|2066|2069|2071|2077|2078|2091|2092|2157|2171|2193|2194|2195|2215|2216|2218|2224|2225|2242|2256|2258|2261)\]$' ./shellcheck-results/empty.json ./shellcheck-results/sc-104.json ./shellcheck-results/sc-117.json ./shellcheck-results/sc-118.json ./shellcheck-results/sc-120.json ./shellcheck-results/sc-71.json ./shellcheck-results/sc-74.json ./shellcheck-results/sc-75.json ./shellcheck-results/sc-76.json ./shellcheck-results/sc-79.json ./shellcheck-results/sc-83.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered ShellCheck results have been saved to shellcheck-results.json + echo 'ShellCheck results have been saved to shellcheck-results.json' + csgrep --mode=evtstat shellcheck-results.json + csgrep --mode=sarif shellcheck-results.json + TEST_OUTPUT= + parse_test_output sast-shell-check-oci-ta sarif shellcheck-results.sarif + TEST_NAME=sast-shell-check-oci-ta + TEST_RESULT_FORMAT=sarif + TEST_RESULT_FILE=shellcheck-results.sarif + '[' -z sast-shell-check-oci-ta ']' + '[' -z sarif ']' + '[' -z shellcheck-results.sarif ']' + '[' '!' -f shellcheck-results.sarif ']' + '[' sarif = sarif ']' +++ jq -rce '(if (.runs[].results | length > 0) then "FAILURE" else "SUCCESS" end)' shellcheck-results.sarif +++ jq -rce '(.runs[].results | length)' shellcheck-results.sarif ++ make_result_json -r SUCCESS -f 0 ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ FAILURES=0 ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:56:55+00:00 --arg result SUCCESS --arg note 'For details, check Tekton task log.' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + TEST_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ jq .failures + '[' 0 -gt 0 ']' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:56:55+00:00","note":"For details, check Tekton task log.","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: konflux-demo-component-kcal-on-push-f7qsx-sast-shell-check-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Attaching to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 shellcheck-results.sarif:application/sarif+json Preparing shellcheck-results.sarif Uploading 3b606a9dd3a1 shellcheck-results.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploaded 3b606a9dd3a1 shellcheck-results.sarif Uploading 34fe7f5c8073 application/vnd.oci.image.manifest.v1+json Uploaded 34fe7f5c8073 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 Digest: sha256:34fe7f5c807342e65750e0372b3850374d2a9670366ad467a911f4b0d38ced85 No excluded-findings.json exists. Skipping upload. pod: konflux-demo-component-kcal-on-push-f7qsx-sast-snyk-check-pod | init container: prepare 2026/04/19 13:56:45 Entrypoint initialization pod: konflux-demo-component-kcal-on-push-f7qsx-sast-snyk-check-pod | init container: place-scripts 2026/04/19 13:56:45 Decoded script /tekton/scripts/script-1-xgf2l 2026/04/19 13:56:45 Decoded script /tekton/scripts/script-2-gnthn pod: konflux-demo-component-kcal-on-push-f7qsx-sast-snyk-check-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras blob fetch --registry-config /tmp/use-oci.sh.tRbeRc/auth-c1olm0.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d --output - Restored artifact quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: konflux-demo-component-kcal-on-push-f7qsx-sast-snyk-check-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: konflux-demo-component-kcal INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2026-04-19T13:56:54+00:00","note":"Task sast-snyk-check-oci-ta skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: konflux-demo-component-kcal-on-push-f7qsx-sast-snyk-check-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: konflux-demo-component-kcal1b00bcf9578e1067206035458a8966f7-pod | init container: prepare 2026/04/19 13:57:16 Entrypoint initialization pod: konflux-demo-component-kcal1b00bcf9578e1067206035458a8966f7-pod | init container: place-scripts 2026/04/19 13:57:17 Decoded script /tekton/scripts/script-1-q65v6 2026/04/19 13:57:17 Decoded script /tekton/scripts/script-2-5z5lt pod: konflux-demo-component-kcal1b00bcf9578e1067206035458a8966f7-pod | container step-use-trusted-artifact: Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Executing: oras blob fetch --registry-config /tmp/use-oci.sh.ytdEDW/auth-NQy4rH.json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d --output - Restored artifact quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal@sha256:58cf784270f165085355f1ecd4e20ed0afb5d041bef39f1f0fc356c010ea208d to /var/workdir/source WARN: artifact URI not provided, (given: =/var/workdir/cachi2) pod: konflux-demo-component-kcal1b00bcf9578e1067206035458a8966f7-pod | container step-sast-unicode-check: + . /utils.sh ++ OPM_RENDER_CACHE=/tmp/konflux-test-opm-cache ++ DEFAULT_INDEX_IMAGE=registry.redhat.io/redhat/redhat-operator-index + trap 'handle_error /tekton/results/TEST_OUTPUT' EXIT + [[ -z '' ]] + PROJECT_NAME=konflux-demo-component-kcal + echo 'INFO: The PROJECT_NAME used is: konflux-demo-component-kcal' INFO: The PROJECT_NAME used is: konflux-demo-component-kcal INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt + ca_bundle=/mnt/trusted-ca/ca-bundle.crt + '[' -f /mnt/trusted-ca/ca-bundle.crt ']' + echo 'INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt' + cp -vf /mnt/trusted-ca/ca-bundle.crt /etc/pki/ca-trust/source/anchors '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' + update-ca-trust + SCAN_PROP=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 + FUC_EXIT_CODE=0 + LANG=en_US.utf8 + find_unicode_control.py -p bidi -v -d -t /var/workdir/source + [[ 0 -ne 0 ]] + sed -i raw_sast_unicode_check_out.txt -E -e 's|(.*:[0-9]+)(.*)|\1: warning:\2|' -e 's|^|Error: UNICONTROL_WARNING:\n|' + CSGERP_OPTS=(--mode=json --remove-duplicates --embed-context=3 --set-scan-prop="${SCAN_PROP}" --strip-path-prefix="${SOURCE_CODE_DIR}"/source/) + csgrep --mode=json --remove-duplicates --embed-context=3 --set-scan-prop=https://github.com/siddhesh/find-unicode-control.git#c2accbfbba7553a8bc1ebd97089ae08ad8347e58 --strip-path-prefix=/var/workdir/source/ raw_sast_unicode_check_out.txt + csgrep --mode=evtstat processed_sast_unicode_check_out.json + [[ SITE_DEFAULT == \S\I\T\E\_\D\E\F\A\U\L\T ]] + KFP_GIT_URL=https://gitlab.cee.redhat.com/osh/known-false-positives.git + PROBE_URL=https://gitlab.cee.redhat.com/osh/known-false-positives + KFP_DIR=known-false-positives + KFP_CLONED=0 + mkdir known-false-positives + [[ -n https://gitlab.cee.redhat.com/osh/known-false-positives.git ]] INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... + echo -n 'INFO: Probing https://gitlab.cee.redhat.com/osh/known-false-positives... ' + curl --fail --head --max-time 60 --no-progress-meter https://gitlab.cee.redhat.com/osh/known-false-positives ++ head -1 curl: (6) Could not resolve host: gitlab.cee.redhat.com + [[ 0 -eq 0 ]] WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered + echo 'WARN: Failed to clone known-false-positives at https://gitlab.cee.redhat.com/osh/known-false-positives.git, scan results will not be filtered' + mv processed_sast_unicode_check_out.json sast_unicode_check_out.json + csgrep --mode=sarif sast_unicode_check_out.json + [[ 0 -eq 0 ]] + note='Task sast-unicode-check-oci-ta success: No finding was detected' ++ make_result_json -r SUCCESS -t 'Task sast-unicode-check-oci-ta success: No finding was detected' ++ local RESULT= ++ local SUCCESSES=0 ++ local FAILURES=0 ++ local WARNINGS=0 ++ local 'NOTE=For details, check Tekton task log.' ++ local NAMESPACE=default ++ local OUTPUT ++ local OPTIND opt ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ RESULT=SUCCESS ++ getopts :r:s:f:w:t:n: opt ++ case "${opt}" in ++ NOTE='Task sast-unicode-check-oci-ta success: No finding was detected' ++ getopts :r:s:f:w:t:n: opt ++ shift 4 ++ '[' -z SUCCESS ']' ++ case "${RESULT}" in ++++ date -u --iso-8601=seconds +++ jq -rce --arg date 2026-04-19T13:57:23+00:00 --arg result SUCCESS --arg note 'Task sast-unicode-check-oci-ta success: No finding was detected' --arg namespace default --arg successes 0 --arg failures 0 --arg warnings 0 --null-input '{ result: $result, timestamp: $date, note: $note, namespace: $namespace, successes: $successes|tonumber, failures: $failures|tonumber, warnings: $warnings|tonumber }' ++ OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:57:23+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' ++ echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:57:23+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + ERROR_OUTPUT='{"result":"SUCCESS","timestamp":"2026-04-19T13:57:23+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + echo '{"result":"SUCCESS","timestamp":"2026-04-19T13:57:23+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0}' + tee /tekton/results/TEST_OUTPUT {"result":"SUCCESS","timestamp":"2026-04-19T13:57:23+00:00","note":"Task sast-unicode-check-oci-ta success: No finding was detected","namespace":"default","successes":0,"failures":0,"warnings":0} + handle_error /tekton/results/TEST_OUTPUT + exit_code=0 + '[' 0 -ne 0 ']' + exit 0 pod: konflux-demo-component-kcal1b00bcf9578e1067206035458a8966f7-pod | container step-upload: Selecting auth Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Attaching to quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Executing: oras attach --no-tty --registry-config /home/oras/auth.json --artifact-type application/sarif+json quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 sast_unicode_check_out.sarif:application/sarif+json Preparing sast_unicode_check_out.sarif Exists 44136fa355b3 application/vnd.oci.empty.v1+json Uploading 1da9b99b8b41 sast_unicode_check_out.sarif Uploaded 1da9b99b8b41 sast_unicode_check_out.sarif Uploading 79fa3b03a7d3 application/vnd.oci.image.manifest.v1+json Uploaded 79fa3b03a7d3 application/vnd.oci.image.manifest.v1+json Attached to [registry] quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958@sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 Digest: sha256:79fa3b03a7d3345baa636e6d8b43a794638fa5a08e7c19f0de51120a1fd87f28 No excluded-findings.json exists. Skipping upload. pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | init container: prepare 2026/04/19 13:53:33 Entrypoint initialization pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | init container: place-scripts 2026/04/19 13:53:44 Decoded script /tekton/scripts/script-0-tvg4n 2026/04/19 13:53:44 Decoded script /tekton/scripts/script-2-bv68l pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | container step-skip-ta: pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | container step-use-trusted-artifact: WARN: found skip file in /var/workdir/source pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | container step-prefetch-dependencies: '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' time="2026-04-19T13:53:51Z" level=debug msg="Starting prefetch-dependencies" time="2026-04-19T13:53:51Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:53:51Z" level=info msg="Not using package registry proxy because allow-package-registry-proxy is not set to `true` on the cluster level" logger=PrefetchDependencies time="2026-04-19T13:53:51Z" level=info msg="[param] source-dir: /var/workdir/source" time="2026-04-19T13:53:51Z" level=info msg="[param] output-dir: /var/workdir/cachi2/output" time="2026-04-19T13:53:51Z" level=info msg="[param] sbom-format: spdx" time="2026-04-19T13:53:51Z" level=info msg="[param] mode: strict" time="2026-04-19T13:53:51Z" level=info msg="[param] output-dir-mount-point: /cachi2/output" time="2026-04-19T13:53:51Z" level=info msg="[param] env-files: [/var/workdir/cachi2/cachi2.env]" time="2026-04-19T13:53:51Z" level=info msg="[param] git-auth-directory: /workspace/git-basic-auth" time="2026-04-19T13:53:52Z" level=info msg="hermeto [stdout] hermeto 0.50.1" logger=CliExecutor time="2026-04-19T13:53:52Z" level=warning msg="No input provided; skipping prefetch-dependencies" logger=PrefetchDependencies time="2026-04-19T13:53:52Z" level=debug msg="Finished prefetch-dependencies" pod: konflux-demo-component-kcal377d78a5d9da7aba1604b00a9a6f1d60-pod | container step-create-trusted-artifact: WARN: found skip file in /var/workdir/source WARN: found skip file in /var/workdir/cachi2 pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | init container: prepare 2026/04/19 14:00:13 Entrypoint initialization pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | init container: place-scripts 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-0-cckbc 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-1-lqbzx 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-2-d9hfw 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-3-s9chp 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-4-4zzhv 2026/04/19 14:00:13 Decoded script /tekton/scripts/script-5-bnn76 pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... [retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 The media type of the OCI artifact is application/vnd.docker.distribution.manifest.v2+json. Looking for image labels that indicate this might be an operator bundle... [retry] executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 Using token for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal Auth json written to "/auth/auth.json". pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-set-skip-for-bundles: 2026/04/19 14:00:17 INFO Step was skipped due to when expressions were evaluated to false. pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-app-check: time="2026-04-19T14:00:17Z" level=info msg="certification library version" version="1.17.1 <commit: f7de82ae1c76e6c10ea94967d6b6a66f96248cbe>" time="2026-04-19T14:00:18Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 for platform amd64" time="2026-04-19T14:00:18Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958" time="2026-04-19T14:00:25Z" level=info msg="warning: licenses directory does not exist or all of its children are empty directories: error when checking for /licenses: stat /tmp/preflight-850932707/fs/licenses: no such file or directory" check=HasLicense time="2026-04-19T14:00:25Z" level=info msg="check completed" check=HasLicense result=FAILED time="2026-04-19T14:00:25Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2026-04-19T14:00:25Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2026-04-19T14:00:26Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2026-04-19T14:00:26Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2026-04-19T14:00:26Z" level=info msg="USER 185 specified that is non-root" check=RunAsNonRoot time="2026-04-19T14:00:26Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2026-04-19T14:00:35Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2026-04-19T14:00:35Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2026-04-19T14:00:35Z" level=info msg="This image's tag 1dc6580ea2177581106ef7a7bc3a5373b5412958 will be paired with digest sha256:f0ff358b512eda5911cbbf3fa9c6626dea34634679b8d5ff7e453e15dcb96625 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958", "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.17.1", "commit": "f7de82ae1c76e6c10ea94967d6b6a66f96248cbe" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 43, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 9144, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 156, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } time="2026-04-19T14:00:35Z" level=info msg="Preflight result: FAILED" pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1776607235","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0}[retry] executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/konflux-kowk/konflux-demo-component-kcal:1dc6580ea2177581106ef7a7bc3a5373b5412958 pod: konflux-demo-component-kcalce5425dbfd1c62f5d3c7529f63271d5f-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1776607235","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0}New PipelineRun konflux-demo-component-kcal-on-push-zt9t7 found after retrigger for component konflux-kowk/konflux-demo-component-kcal PipelineRun konflux-demo-component-kcal-on-push-zt9t7 found for Component konflux-kowk/konflux-demo-component-kcal PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: ResolvingTaskRef PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Running PipelineRun konflux-demo-component-kcal-on-push-zt9t7 reason: Completed "level"=0 "msg"="Konflux demo: build PipelineRun finishedpipelineRunkonflux-demo-component-kcal-on-push-zt9t7headSHA1b30aef93d649ad133a86b6c9a2c0397a38a5a23" < Exit [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:373 @ 04/19/26 14:05:30.994 (12m35.717s) > Enter [It] should validate Tekton TaskRun test results successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:389 @ 04/19/26 14:05:30.996 "level"=0 "msg"="Konflux demo: validating build PipelineRun TaskRun test resultscomponentkonflux-demo-component-kcalheadSHA1b30aef93d649ad133a86b6c9a2c0397a38a5a23" < Exit [It] should validate Tekton TaskRun test results successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:389 @ 04/19/26 14:05:31.375 (379ms) > Enter [It] should validate that the build pipelineRun is signed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:403 @ 04/19/26 14:05:31.376 "level"=0 "msg"="Konflux demo: validating build PipelineRun is signedcomponentkonflux-demo-component-kcal" "level"=0 "msg"="Konflux demo: build PipelineRun is signedpipelineRunkonflux-demo-component-kcal-on-push-zt9t7" < Exit [It] should validate that the build pipelineRun is signed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:403 @ 04/19/26 14:05:31.413 (37ms) > Enter [It] should find the related Snapshot CR - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:419 @ 04/19/26 14:05:31.413 "level"=0 "msg"="Konflux demo: waiting for Snapshot CRpipelineRunkonflux-demo-component-kcal-on-push-zt9t7namespacekonflux-kowk" "level"=0 "msg"="Konflux demo: Snapshot foundsnapshotkonflux-demo-app-20260419-140144-000" < Exit [It] should find the related Snapshot CR - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:419 @ 04/19/26 14:05:31.42 (7ms) > Enter [It] should validate that the build pipelineRun is annotated with the name of the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:432 @ 04/19/26 14:05:31.421 < Exit [It] should validate that the build pipelineRun is annotated with the name of the Snapshot - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:432 @ 04/19/26 14:05:31.512 (91ms) > Enter [It] should find the related Integration Test PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:441 @ 04/19/26 14:05:31.512 "level"=0 "msg"="Konflux demo: waiting for Integration Test PipelineRunscenariomy-integration-test-siacsnapshotkonflux-demo-app-20260419-140144-000" "level"=0 "msg"="Konflux demo: Integration Test PipelineRun foundpipelineRunmy-integration-test-siac-9ztcc" < Exit [It] should find the related Integration Test PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:441 @ 04/19/26 14:05:31.519 (7ms) > Enter [It] should eventually succeed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:462 @ 04/19/26 14:05:31.52 "level"=0 "msg"="Konflux demo: triggering PaC build retriggercomponentkonflux-demo-component-kcal" "level"=0 "msg"="Konflux demo: waiting for retriggered PipelineRun to appearcomponentkonflux-demo-component-kcal" PipelineRun is not been retriggered yet for the component konflux-kowk/konflux-demo-component-kcal "msg"="Konflux demo: GetComponentPipelineRunWithType (incoming) failed: no pipelinerun found for component konflux-demo-component-kcal" "error"=null "level"=0 "msg"="Konflux demo: waiting for retriggered build PipelineRun to finishpipelineRunkonflux-demo-component-kcal-on-push-hqc95" PipelineRun konflux-demo-component-kcal-on-push-hqc95 found for Component konflux-kowk/konflux-demo-component-kcal PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Running PipelineRun konflux-demo-component-kcal-on-push-hqc95 reason: Completed "level"=0 "msg"="Konflux demo: retriggered build PipelineRun finishedpipelineRunkonflux-demo-component-kcal-on-push-hqc95" < Exit [It] should eventually succeed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:462 @ 04/19/26 14:09:11.641 (3m40.122s) > Enter [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:493 @ 04/19/26 14:09:11.642 "level"=0 "msg"="Konflux demo: waiting for Integration pipeline to finishscenariomy-integration-test-siacsnapshotkonflux-demo-app-20260419-140144-000" PipelineRun my-integration-test-siac-9ztcc reason: Succeeded "level"=0 "msg"="Konflux demo: Integration pipeline finishedsnapshotkonflux-demo-app-20260419-140144-000" < Exit [It] should eventually complete successfully - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:493 @ 04/19/26 14:09:11.649 (7ms) > Enter [It] should lead to Snapshot CR being marked as passed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:505 @ 04/19/26 14:09:11.649 "level"=0 "msg"="Konflux demo: waiting for Snapshot to be marked as passedpipelineRunkonflux-demo-component-kcal-on-push-zt9t7" "level"=0 "msg"="Konflux demo: Snapshot marked as passedsnapshotkonflux-demo-app-20260419-140144-000" < Exit [It] should lead to Snapshot CR being marked as passed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:505 @ 04/19/26 14:09:11.66 (11ms) > Enter [It] should trigger creation of Release CR - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:518 @ 04/19/26 14:09:11.66 "level"=0 "msg"="Konflux demo: waiting for Release CRsnapshotkonflux-demo-app-20260419-140144-000namespacekonflux-kowk" "level"=0 "msg"="Konflux demo: Release CR createdreleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqv" < Exit [It] should trigger creation of Release CR - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:518 @ 04/19/26 14:09:11.668 (8ms) > Enter [It] triggers creation of Release PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:533 @ 04/19/26 14:09:11.668 "level"=0 "msg"="Konflux demo: waiting for Release PipelineRun to startreleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqvmanagedNamespacekonflux-kowk-managed" "level"=0 "msg"="Konflux demo: Release PipelineRun startedpipelineRunmanaged-n9cms" < Exit [It] triggers creation of Release PipelineRun - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:533 @ 04/19/26 14:09:11.735 (67ms) > Enter [It] should eventually succeed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:552 @ 04/19/26 14:09:11.736 "level"=0 "msg"="Konflux demo: waiting for Release PipelineRun to completereleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqvmanagedNamespacekonflux-kowk-managed" "level"=0 "msg"="Konflux demo: Release PipelineRun succeededreleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqv" < Exit [It] should eventually succeed - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:552 @ 04/19/26 14:09:11.743 (7ms) > Enter [It] should lead to Release CR being marked as succeeded - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:578 @ 04/19/26 14:09:11.743 "level"=0 "msg"="Konflux demo: waiting for Release CR to be marked as releasedreleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqvnamespacekonflux-kowk" "level"=0 "msg"="Konflux demo: Release CR marked as succeededreleasekonflux-demo-app-20260419-140144-000-1b30aef-lgsqv" < Exit [It] should lead to Release CR being marked as succeeded - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:578 @ 04/19/26 14:09:11.75 (7ms) > Enter [AfterAll] Maven project - Default build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:154 @ 04/19/26 14:09:11.75 "level"=0 "msg"="Konflux demo AfterAll: cleaning up namespacesuserNamespacekonflux-kowkmanagedNamespacekonflux-kowk-managed" "msg"="Konflux demo AfterAll: failed to delete GitHub ref konflux-konflux-demo-component-kcal in repo hacbs-test-project-konflux-demo: DELETE https://api.github.com/repos/redhat-appstudio-qe/hacbs-test-project-konflux-demo/git/refs/heads/konflux-konflux-demo-component-kcal: 422 Reference does not exist []" "error"=null "level"=0 "msg"="Konflux demo AfterAll: cleanup finishedcomponentRepositoryNamehacbs-test-project-konflux-demo" < Exit [AfterAll] Maven project - Default build - /tmp/tmp.Z3cR7n2baf/tests/konflux-demo/konflux-demo.go:154 @ 04/19/26 14:10:42.42 (1m30.67s) > Enter [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:60 @ 04/19/26 13:50:24.469 Successfully acquired repository lock for namespace group-tmhy < Exit [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:60 @ 04/19/26 13:50:37.73 (13.261s) > Enter [It] creates the Component A successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:205 @ 04/19/26 13:50:37.73 Image repository for component go-component-vygkmq in namespace group-tmhy do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-vygkmq in namespace group-tmhy do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-vygkmq in namespace group-tmhy do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-vygkmq in namespace group-tmhy do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates the Component A successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:205 @ 04/19/26 13:51:27.791 (50.061s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:51:27.791 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:51:27.791 (0s) > Enter [It] triggers a Build PipelineRun for componentA go-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:213 @ 04/19/26 13:51:27.792 Build PipelineRun has not been created yet for the componentA group-tmhy/go-component-vygkmq Build PipelineRun has not been created yet for the componentA group-tmhy/go-component-vygkmq < Exit [It] triggers a Build PipelineRun for componentA go-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:213 @ 04/19/26 13:52:07.829 (40.037s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:52:07.829 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:52:07.829 (0s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:227 @ 04/19/26 13:52:07.829 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:227 @ 04/19/26 13:52:07.829 (0s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:52:07.829 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 13:52:07.829 (0s) > Enter [It] should lead to build PipelineRunA finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:231 @ 04/19/26 13:52:07.83 PipelineRun go-component-vygkmq-on-pull-request-qvlkp found for Component group-tmhy/go-component-vygkmq PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Running PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Completed < Exit [It] should lead to build PipelineRunA finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:231 @ 04/19/26 14:01:47.846 (9m40.017s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:01:47.846 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:01:47.846 (0s) > Enter [It] should lead to a PaC PR creation for componentA go-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:236 @ 04/19/26 14:01:47.847 < Exit [It] should lead to a PaC PR creation for componentA go-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:236 @ 04/19/26 14:01:48.171 (324ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:01:48.171 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:01:48.171 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:258 @ 04/19/26 14:01:48.171 unable to get the Snapshot within the namespace group-tmhy. Error: no snapshot found for component 'go-component-vygkmq', pipelineRun 'go-component-vygkmq-on-pull-request-qvlkp' in 'group-tmhy' namespace < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:258 @ 04/19/26 14:02:08.188 (20.017s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.188 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.188 (0s) > Enter [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:263 @ 04/19/26 14:02:08.189 < Exit [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:263 @ 04/19/26 14:02:08.224 (35ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.224 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.224 (0s) > Enter [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:270 @ 04/19/26 14:02:08.224 PipelineRun integration-resolver-pipelinerun-75dd4 reason: Succeeded < Exit [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:270 @ 04/19/26 14:02:08.256 (31ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.256 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:08.256 (0s) > Enter [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:277 @ 04/19/26 14:02:08.256 merged result sha: 797729c4dc08f74e00de98db849dae954965bc36 for PR #21081 < Exit [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:277 @ 04/19/26 14:02:09.818 (1.562s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:09.818 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:09.818 (0s) > Enter [It] creates the Component B successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:296 @ 04/19/26 14:02:09.819 < Exit [It] creates the Component B successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:296 @ 04/19/26 14:02:19.876 (10.056s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:19.876 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:19.876 (0s) > Enter [It] triggers a Build PipelineRun for component python-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:304 @ 04/19/26 14:02:19.876 Build PipelineRun has not been created yet for the componentB group-tmhy/python-component-ltwxkn < Exit [It] triggers a Build PipelineRun for component python-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:304 @ 04/19/26 14:02:39.915 (20.038s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:39.915 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:39.915 (0s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:318 @ 04/19/26 14:02:39.915 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:318 @ 04/19/26 14:02:39.915 (0s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:39.916 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:02:39.916 (0s) > Enter [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:322 @ 04/19/26 14:02:39.916 PipelineRun python-component-ltwxkn-on-pull-request-985h4 found for Component group-tmhy/python-component-ltwxkn PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun python-component-ltwxkn-on-pull-request-985h4 reason: Running PipelineRun integration-resolver-pipelinerun-58sdg reason: Succeeded < Exit [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:322 @ 04/19/26 14:08:59.936 (6m20.02s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:08:59.936 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:08:59.936 (0s) > Enter [It] should lead to a PaC PR creation for component python-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:327 @ 04/19/26 14:08:59.937 < Exit [It] should lead to a PaC PR creation for component python-component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:327 @ 04/19/26 14:09:00.333 (397ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.334 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.334 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:349 @ 04/19/26 14:09:00.334 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:349 @ 04/19/26 14:09:00.343 (9ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.343 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.343 (0s) > Enter [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:354 @ 04/19/26 14:09:00.344 < Exit [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:354 @ 04/19/26 14:09:00.428 (84ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.428 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.428 (0s) > Enter [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:361 @ 04/19/26 14:09:00.428 PipelineRun integration-resolver-pipelinerun-58sdg reason: Succeeded < Exit [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:361 @ 04/19/26 14:09:00.435 (6ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.435 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:00.435 (0s) > Enter [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:368 @ 04/19/26 14:09:00.435 merged result sha: ca5e910f8aaa7126218d66c68d766629b8b98494 for PR #21082 < Exit [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:368 @ 04/19/26 14:09:01.97 (1.535s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:01.97 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:01.97 (0s) > Enter [It] creates the Component C successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:387 @ 04/19/26 14:09:01.971 < Exit [It] creates the Component C successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:387 @ 04/19/26 14:09:12 (10.029s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:12 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:12 (0s) > Enter [It] triggers a Build PipelineRun for componentC konflux-test-integration-clone - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:395 @ 04/19/26 14:09:12.001 Build PipelineRun has not been created yet for the componentC group-tmhy/konflux-test-integration-clone-nzptub < Exit [It] triggers a Build PipelineRun for componentC konflux-test-integration-clone - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:395 @ 04/19/26 14:09:32.028 (20.027s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:32.029 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:32.029 (0s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:409 @ 04/19/26 14:09:32.029 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:409 @ 04/19/26 14:09:32.029 (0s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:32.029 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:09:32.029 (0s) > Enter [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:413 @ 04/19/26 14:09:32.03 PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r found for Component group-tmhy/konflux-test-integration-clone-nzptub PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun konflux-test-integration-clone-nzptub-on-pull-request-j669r reason: Running PipelineRun integration-resolver-pipelinerun-7lkf9 reason: Running PipelineRun integration-resolver-pipelinerun-7lkf9 reason: Succeeded < Exit [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:413 @ 04/19/26 14:12:52.05 (3m20.02s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.05 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.05 (0s) > Enter [It] should lead to a PaC PR creation for componentC konflux-test-integration-clone - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:418 @ 04/19/26 14:12:52.051 < Exit [It] should lead to a PaC PR creation for componentC konflux-test-integration-clone - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:418 @ 04/19/26 14:12:52.461 (410ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.461 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.461 (0s) > Enter [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:440 @ 04/19/26 14:12:52.462 < Exit [It] checks if the Snapshot is created - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:440 @ 04/19/26 14:12:52.47 (9ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.47 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.47 (0s) > Enter [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:445 @ 04/19/26 14:12:52.471 < Exit [It] should find the related Integration PipelineRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:445 @ 04/19/26 14:12:52.557 (87ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.558 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.558 (0s) > Enter [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:452 @ 04/19/26 14:12:52.558 PipelineRun integration-resolver-pipelinerun-7lkf9 reason: Succeeded < Exit [It] integration pipeline should end up with success - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:452 @ 04/19/26 14:12:52.658 (100ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.658 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:52.658 (0s) > Enter [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:459 @ 04/19/26 14:12:52.659 merged result sha: 79f6fda071c6dae6544bcb2247bedd00f84a5252 for PR #8804 < Exit [It] should merge the init PaC PR successfully - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:459 @ 04/19/26 14:12:54.281 (1.623s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:54.281 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:54.281 (0s) > Enter [It] should make change to the root folder - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:479 @ 04/19/26 14:12:54.282 PR #21083 got created with sha e5b75e952d2793b52fb80ca131c4ee70b96cefc9 < Exit [It] should make change to the root folder - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:479 @ 04/19/26 14:12:56.654 (2.372s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:56.654 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:56.655 (0s) > Enter [It] should make change to the multiple-repo - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:497 @ 04/19/26 14:12:56.655 PR #8805 got created with sha 5a682e7f86a99e66eba38a4372fd950ce4dd86da < Exit [It] should make change to the multiple-repo - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:497 @ 04/19/26 14:12:58.432 (1.777s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.432 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.432 (0s) > Enter [It] wait for the last components build to finish - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:513 @ 04/19/26 14:12:58.433 PipelineRun go-component-vygkmq-on-pull-request-qvlkp found for Component group-tmhy/go-component-vygkmq PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Completed PipelineRun integration-resolver-pipelinerun-58sdg found for Component group-tmhy/python-component-ltwxkn PipelineRun integration-resolver-pipelinerun-58sdg reason: Succeeded PipelineRun integration-resolver-pipelinerun-7lkf9 found for Component group-tmhy/konflux-test-integration-clone-nzptub PipelineRun integration-resolver-pipelinerun-7lkf9 reason: Succeeded < Exit [It] wait for the last components build to finish - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:513 @ 04/19/26 14:12:58.475 (42ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.475 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.475 (0s) > Enter [It] wait for all component snapshots to be created with proper PR group annotations - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:521 @ 04/19/26 14:12:58.476 Component snapshot integ-app-hmxi-20260419-135154-000 has PR group annotation: konflux-go-component-vygkmq Component snapshot integ-app-hmxi-20260419-140221-000 is missing PR group annotation Component snapshot integ-app-hmxi-20260419-140225-000 has PR group annotation: konflux-python-component-ltwxkn Component snapshot integ-app-hmxi-20260419-140916-000 has PR group annotation: konflux-konflux-test-integration-clone-nzptub All component snapshots are ready with PR group annotations < Exit [It] wait for all component snapshots to be created with proper PR group annotations - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:521 @ 04/19/26 14:12:58.484 (8ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.484 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:12:58.484 (0s) > Enter [It] get all group snapshots and check if pr-group annotation contains all components - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:556 @ 04/19/26 14:12:58.485 Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 4 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 4 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 4 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 5 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 5 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 5 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 6 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 6 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 6 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 6 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:1] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 7 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:2] No group snapshots found yet. Component snapshots may not have been processed by integration service controller yet. Attempting to find group snapshots for application integ-app-hmxi in namespace group-tmhy Found 8 component snapshots: PR Groups found: map[konflux-go-component-vygkmq:1 konflux-konflux-test-integration-clone-nzptub:1 konflux-python-component-ltwxkn:1 pr-branch-nifekg:3] Found 1 group snapshots! Group Snapshot 0: integ-app-hmxi-20260419-141825-976 (type: group) Group Test Info: [{"namespace":"group-tmhy","component":"konflux-test-integration-clone-nzptub","buildPipelineRun":"konflux-test-integration-clone-nzptub-on-pull-request-5zdqc","snapshot":"integ-app-hmxi-20260419-141302-000","repoUrl":"https://github.com/redhat-appstudio-qe/konflux-test-integration-clone","pullRequestNumber":"8805"},{"namespace":"group-tmhy","component":"go-component-vygkmq","buildPipelineRun":"go-component-vygkmq-on-pull-request-w48sb","snapshot":"integ-app-hmxi-20260419-141301-000-e4","repoUrl":"https://github.com/redhat-appstudio-qe/group-snapshot-multi-component","pullRequestNumber":"21083"},{"namespace":"group-tmhy","component":"python-component-ltwxkn","buildPipelineRun":"python-component-ltwxkn-on-pull-request-b97xj","snapshot":"integ-app-hmxi-20260419-141301-000","repoUrl":"https://github.com/redhat-appstudio-qe/group-snapshot-multi-component","pullRequestNumber":"21083"}] Validating group test info annotation: [{"namespace":"group-tmhy","component":"konflux-test-integration-clone-nzptub","buildPipelineRun":"konflux-test-integration-clone-nzptub-on-pull-request-5zdqc","snapshot":"integ-app-hmxi-20260419-141302-000","repoUrl":"https://github.com/redhat-appstudio-qe/konflux-test-integration-clone","pullRequestNumber":"8805"},{"namespace":"group-tmhy","component":"go-component-vygkmq","buildPipelineRun":"go-component-vygkmq-on-pull-request-w48sb","snapshot":"integ-app-hmxi-20260419-141301-000-e4","repoUrl":"https://github.com/redhat-appstudio-qe/group-snapshot-multi-component","pullRequestNumber":"21083"},{"namespace":"group-tmhy","component":"python-component-ltwxkn","buildPipelineRun":"python-component-ltwxkn-on-pull-request-b97xj","snapshot":"integ-app-hmxi-20260419-141301-000","repoUrl":"https://github.com/redhat-appstudio-qe/group-snapshot-multi-component","pullRequestNumber":"21083"}] Group snapshot validation completed successfully < Exit [It] get all group snapshots and check if pr-group annotation contains all components - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:556 @ 04/19/26 14:18:28.986 (5m30.501s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:28.986 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:28.986 (0s) > Enter [It] make sure that group snapshot contains last build pipelinerun for each component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:635 @ 04/19/26 14:18:28.987 < Exit [It] make sure that group snapshot contains last build pipelinerun for each component - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:635 @ 04/19/26 14:18:29.201 (214ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.202 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.202 (0s) > Enter [It] make change to the multiple-repo to trigger a new cycle of testing - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:648 @ 04/19/26 14:18:29.202 < Exit [It] make change to the multiple-repo to trigger a new cycle of testing - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:648 @ 04/19/26 14:18:29.773 (570ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.773 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.773 (0s) > Enter [It] wait for the components A and B build to finish - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:654 @ 04/19/26 14:18:29.774 Waiting for build pipelineRun to be created for app group-tmhy/integ-app-hmxi, sha: 71f866ab63bc53b52ad83f74c52078bfeef319c7 PipelineRun go-component-vygkmq-on-pull-request-qvlkp found for Component group-tmhy/go-component-vygkmq PipelineRun go-component-vygkmq-on-pull-request-qvlkp reason: Completed PipelineRun integration-resolver-pipelinerun-58sdg found for Component group-tmhy/python-component-ltwxkn PipelineRun integration-resolver-pipelinerun-58sdg reason: Succeeded < Exit [It] wait for the components A and B build to finish - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:654 @ 04/19/26 14:18:29.812 (39ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.813 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:18:29.813 (0s) > Enter [It] get all component snapshots for component A and check if older snapshot has been cancelled - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:663 @ 04/19/26 14:18:29.814 < Exit [It] get all component snapshots for component A and check if older snapshot has been cancelled - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:663 @ 04/19/26 14:24:10.621 (5m40.807s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:10.621 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:10.621 (0s) > Enter [It] get all group snapshots and check if older group snapshot is cancelled - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:690 @ 04/19/26 14:24:10.621 < Exit [It] get all group snapshots and check if older group snapshot is cancelled - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:690 @ 04/19/26 14:24:30.713 (20.092s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:30.713 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:30.713 (0s) > Enter [It] verifies that ResolutionRequest is deleted after pipeline resolution - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:720 @ 04/19/26 14:24:30.714 < Exit [It] verifies that ResolutionRequest is deleted after pipeline resolution - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:720 @ 04/19/26 14:24:30.939 (225ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:30.94 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:30.94 (0s) > Enter [It] verifies that no orphaned ResolutionRequests remain in namespace after test completion - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:740 @ 04/19/26 14:24:30.94 < Exit [It] verifies that no orphaned ResolutionRequests remain in namespace after test completion - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:740 @ 04/19/26 14:24:31.157 (216ms) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:31.157 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:31.157 (0s) > Enter [BeforeAll] when IntegrationTestScenario reference to task as pipelinerun resolution - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:775 @ 04/19/26 14:24:31.157 < Exit [BeforeAll] when IntegrationTestScenario reference to task as pipelinerun resolution - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:775 @ 04/19/26 14:24:31.204 (46ms) > Enter [It] trigger pipelinerun for invalid integrationTestScenario by annotating snapshot and verify failing to create integration pipelinerun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:780 @ 04/19/26 14:24:31.204 < Exit [It] trigger pipelinerun for invalid integrationTestScenario by annotating snapshot and verify failing to create integration pipelinerun - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:780 @ 04/19/26 14:24:51.27 (20.066s) > Enter [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:149 @ 04/19/26 14:24:51.27 < Exit [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:149 @ 04/19/26 14:24:56.97 (5.7s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:56.97 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.Z3cR7n2baf/tests/integration-service/group-snapshots-tests.go:50 @ 04/19/26 14:24:56.97 (0s) > Enter [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:50:24.269 ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gl-multi-component-parent-jxmg","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}} < Exit [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:51:03.899 (39.63s) > Enter [It] creates component with nudges - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:235 @ 04/19/26 13:51:03.899 Image repository for component gl-multi-component-child-jxmg in namespace build-e2e-eqzd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-multi-component-child-jxmg in namespace build-e2e-eqzd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-multi-component-child-jxmg in namespace build-e2e-eqzd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-multi-component-parent-jxmg in namespace build-e2e-eqzd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with nudges - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:235 @ 04/19/26 13:52:04.424 (1m0.525s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:52:04.424 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:52:04.424 (0s) > Enter [It] triggers a PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:259 @ 04/19/26 13:52:04.424 PipelineRun has not been created yet for the component build-e2e-eqzd/gl-multi-component-parent-jxmg PipelineRun has not been created yet for the component build-e2e-eqzd/gl-multi-component-parent-jxmg PipelineRun has not been created yet for the component build-e2e-eqzd/gl-multi-component-parent-jxmg < Exit [It] triggers a PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:259 @ 04/19/26 13:53:04.487 (1m0.063s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:53:04.487 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:53:04.487 (0s) > Enter [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:274 @ 04/19/26 13:53:04.488 PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg found for Component build-e2e-eqzd/gl-multi-component-parent-jxmg PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Running PipelineRun gl-multi-component-parent-jxmg-on-pull-request-jjrmg reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:274 @ 04/19/26 14:00:44.51 (7m40.022s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:00:44.51 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:00:44.51 (0s) > Enter [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:285 @ 04/19/26 14:00:44.51 PipelineRun gl-multi-component-child-jxmg-on-pull-request-7779h found for Component build-e2e-eqzd/gl-multi-component-child-jxmg PipelineRun gl-multi-component-child-jxmg-on-pull-request-7779h reason: Failed attempt 1/3: PipelineRun "gl-multi-component-child-jxmg-on-pull-request-7779h" failed: pod: gl-multi-component-child-jxmg-on-pull-request-7779h-init-pod | init container: prepare 2026/04/19 13:52:53 Entrypoint initialization pod: gl-multi-component-child-jxmg-on-pull-request-7779h-init-pod | container step-init: time="2026-04-19T13:52:56Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:56Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:56Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:56Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:56Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:56Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:56Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:56Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:56Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p found after retrigger for component build-e2e-eqzd/gl-multi-component-child-jxmg PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p found for Component build-e2e-eqzd/gl-multi-component-child-jxmg PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: ResolvingTaskRef PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Running PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Running PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Running PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Running PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Running PipelineRun gl-multi-component-child-jxmg-on-pull-request-rbt7p reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:285 @ 04/19/26 14:02:57.293 (2m12.783s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:57.293 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:57.293 (0s) > Enter [It] should lead to a PaC PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:289 @ 04/19/26 14:02:57.294 < Exit [It] should lead to a PaC PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:289 @ 04/19/26 14:02:57.55 (256ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:57.55 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:57.55 (0s) > Enter [It] Merging the PaC PR should be successful for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:307 @ 04/19/26 14:02:57.551 merged result sha: 2994c14d75c981fbaf122fd89612ac520f863c73 for PR #1 < Exit [It] Merging the PaC PR should be successful for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:307 @ 04/19/26 14:02:58.973 (1.423s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:58.974 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:58.974 (0s) > Enter [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:318 @ 04/19/26 14:02:58.974 < Exit [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:318 @ 04/19/26 14:04:06.423 (1m7.449s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:06.424 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:06.424 (0s) > Enter [It] should lead to a PaC PR creation for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:358 @ 04/19/26 14:04:06.424 < Exit [It] should lead to a PaC PR creation for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:358 @ 04/19/26 14:04:06.645 (221ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:06.645 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:06.645 (0s) > Enter [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:375 @ 04/19/26 14:04:06.646 merged result sha: 8c9fe5180ccd55cd83e8717abf6e08237424c496 for PR #1 < Exit [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:375 @ 04/19/26 14:04:08.203 (1.557s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:08.203 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:08.203 (0s) > Enter [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:385 @ 04/19/26 14:04:08.204 Push PipelineRun has not been created yet for the component build-e2e-eqzd/gl-multi-component-parent-jxmg < Exit [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:385 @ 04/19/26 14:04:28.232 (20.028s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:28.232 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:04:28.232 (0s) > Enter [It] PAC PipelineRun for parent component is successful - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:401 @ 04/19/26 14:04:28.232 PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 found for Component build-e2e-eqzd/gl-multi-component-parent-jxmg PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Running PipelineRun gl-multi-component-parent-jxmg-on-push-l9vz9 reason: Completed < Exit [It] PAC PipelineRun for parent component is successful - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:401 @ 04/19/26 14:07:08.25 (2m40.018s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:07:08.25 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:07:08.25 (0s) [FAILED] Timed out after 1200.001s. timed out when waiting for component nudge PR to be created in build-nudge-child-ntuagw repository Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:427 @ 04/19/26 14:27:08.252 > Enter [It] should lead to a nudge PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:412 @ 04/19/26 14:07:08.251 [FAILED] Timed out after 1200.001s. timed out when waiting for component nudge PR to be created in build-nudge-child-ntuagw repository Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:427 @ 04/19/26 14:27:08.252 < Exit [It] should lead to a nudge PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:412 @ 04/19/26 14:27:08.252 (20m0.001s) > Enter [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 14:27:08.252 < Exit [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 14:27:24.321 (16.069s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:27:24.321 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:27:24.593 (272ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:429 @ 04/19/26 14:27:24.594 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:440 @ 04/19/26 14:27:24.594 > Enter [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:50:24.269 ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gh-multi-component-parent-slac","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}} < Exit [BeforeAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:72 @ 04/19/26 13:51:03.634 (39.365s) > Enter [It] creates component with nudges - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:235 @ 04/19/26 13:51:03.634 Image repository for component gh-multi-component-child-slac in namespace build-e2e-fyrv do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-child-slac in namespace build-e2e-fyrv do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-parent-slac in namespace build-e2e-fyrv do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-parent-slac in namespace build-e2e-fyrv do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with nudges - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:235 @ 04/19/26 13:51:53.738 (50.104s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:51:53.738 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:51:53.739 (0s) > Enter [It] triggers a PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:259 @ 04/19/26 13:51:53.74 PipelineRun has not been created yet for the component build-e2e-fyrv/gh-multi-component-parent-slac PipelineRun has not been created yet for the component build-e2e-fyrv/gh-multi-component-parent-slac < Exit [It] triggers a PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:259 @ 04/19/26 13:52:53.811 (1m0.071s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:52:53.811 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 13:52:53.811 (0s) > Enter [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:274 @ 04/19/26 13:52:53.812 PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v found for Component build-e2e-fyrv/gh-multi-component-parent-slac PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: PipelineRunStopping PipelineRun gh-multi-component-parent-slac-on-pull-request-vr85v reason: Failed attempt 1/3: PipelineRun "gh-multi-component-parent-slac-on-pull-request-vr85v" failed: pod: gh-multi-component-parent-slac-on-pull-request-vr85v-init-pod | init container: prepare 2026/04/19 13:52:47 Entrypoint initialization pod: gh-multi-component-parent-slac-on-pull-request-vr85v-init-pod | container step-init: time="2026-04-19T13:52:50Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:50Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:50Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:50Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:50Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:50Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:50Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:50Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:50Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt found after retrigger for component build-e2e-fyrv/gh-multi-component-parent-slac PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt found for Component build-e2e-fyrv/gh-multi-component-parent-slac PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Running PipelineRun gh-multi-component-parent-slac-on-pull-request-h8sxt reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:274 @ 04/19/26 14:02:44.623 (9m50.811s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:44.623 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:02:44.624 (0s) > Enter [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:285 @ 04/19/26 14:02:44.624 PipelineRun gh-multi-component-child-slac-on-pull-request-qqff7 found for Component build-e2e-fyrv/gh-multi-component-child-slac PipelineRun gh-multi-component-child-slac-on-pull-request-qqff7 reason: Failed attempt 1/3: PipelineRun "gh-multi-component-child-slac-on-pull-request-qqff7" failed: pod: gh-multi-component-child-slac-on-pull-request-qqff7-init-pod | init container: prepare 2026/04/19 13:52:19 Entrypoint initialization pod: gh-multi-component-child-slac-on-pull-request-qqff7-init-pod | container step-init: time="2026-04-19T13:52:21Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-19T13:52:21Z" level=info msg="[param] enable: false" time="2026-04-19T13:52:21Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-19T13:52:21Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-19T13:52:21Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-19T13:52:21Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-19T13:52:21Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-19T13:52:21Z" level=info msg="[result] HTTP PROXY: " time="2026-04-19T13:52:21Z" level=info msg="[result] NO PROXY: " New PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 found after retrigger for component build-e2e-fyrv/gh-multi-component-child-slac PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 found for Component build-e2e-fyrv/gh-multi-component-child-slac PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: ResolvingTaskRef PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Running PipelineRun gh-multi-component-child-slac-on-pull-request-m2sx9 reason: Completed < Exit [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:285 @ 04/19/26 14:05:15.633 (2m31.009s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:15.633 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:15.633 (0s) > Enter [It] should lead to a PaC PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:289 @ 04/19/26 14:05:15.634 < Exit [It] should lead to a PaC PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:289 @ 04/19/26 14:05:15.841 (208ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:15.841 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:15.841 (0s) > Enter [It] Merging the PaC PR should be successful for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:307 @ 04/19/26 14:05:15.842 merged result sha: 83ed1fd685a4fdc18907b56dc5ef238726062a46 for PR #1 < Exit [It] Merging the PaC PR should be successful for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:307 @ 04/19/26 14:05:17.33 (1.488s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:17.331 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:17.331 (0s) > Enter [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:318 @ 04/19/26 14:05:17.332 < Exit [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:318 @ 04/19/26 14:05:21.948 (4.617s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:21.948 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:21.948 (0s) > Enter [It] should lead to a PaC PR creation for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:358 @ 04/19/26 14:05:21.949 < Exit [It] should lead to a PaC PR creation for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:358 @ 04/19/26 14:05:22.102 (153ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:22.102 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:22.102 (0s) > Enter [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:375 @ 04/19/26 14:05:22.103 merged result sha: d22ac246d67329717e25989a910df24172f98baa for PR #1 < Exit [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:375 @ 04/19/26 14:05:23.643 (1.541s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:23.644 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:23.644 (0s) > Enter [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:385 @ 04/19/26 14:05:23.644 Push PipelineRun has not been created yet for the component build-e2e-fyrv/gh-multi-component-parent-slac < Exit [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:385 @ 04/19/26 14:05:43.686 (20.042s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:43.686 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:05:43.686 (0s) > Enter [It] PAC PipelineRun for parent component is successful - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:401 @ 04/19/26 14:05:43.686 PipelineRun gh-multi-component-parent-slac-on-push-jsvcq found for Component build-e2e-fyrv/gh-multi-component-parent-slac PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: ResolvingTaskRef PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Running PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Running PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Running PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Running PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Running PipelineRun gh-multi-component-parent-slac-on-push-jsvcq reason: Completed < Exit [It] PAC PipelineRun for parent component is successful - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:401 @ 04/19/26 14:07:43.701 (2m0.014s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:07:43.701 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:07:43.701 (0s) [FAILED] Timed out after 1200.001s. timed out when waiting for component nudge PR to be created in build-nudge-child-eyrrdk repository Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:427 @ 04/19/26 14:27:43.703 > Enter [It] should lead to a nudge PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:412 @ 04/19/26 14:07:43.702 [FAILED] Timed out after 1200.001s. timed out when waiting for component nudge PR to be created in build-nudge-child-eyrrdk repository Expected <bool>: false to be true In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:427 @ 04/19/26 14:27:43.703 < Exit [It] should lead to a nudge PR creation for child component - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:412 @ 04/19/26 14:27:43.703 (20m0.001s) > Enter [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 14:27:43.703 < Exit [AfterAll] component update with renovate - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:214 @ 04/19/26 14:27:59.755 (16.052s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:27:59.755 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:28 @ 04/19/26 14:28:00.021 (266ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:429 @ 04/19/26 14:28:00.022 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.Z3cR7n2baf/tests/build/renovate.go:440 @ 04/19/26 14:28:00.022