[FAILED] Timed out after 1200.001s. timed out when waiting for the PipelineRun to start for the Component build-e2e-eqjr/test-symlink-comp-pnms Expected success, but got an error: <*errors.errorString | 0xc000eb4370>: no pipelinerun found for component test-symlink-comp-pnms { s: "no pipelinerun found for component test-symlink-comp-pnms", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:200 @ 04/20/26 19:35:14.686 There were additional failures detected after the initial failure. These are visible in the timeline > Enter [BeforeAll] HACBS pipelines - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:237 @ 04/20/26 19:14:00.456 "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712446-azvu -> user: redhat-appstudio-qe+redhat_appstudio_quality" Created component for scenario sample-python-basic-oci: component: test-comp-jobv, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-nxcdon, pacBranchName: konflux-test-comp-jobv "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712459-llbc -> user: redhat-appstudio-qe+redhat_appstudio_quality" Created component for scenario sample-python-basic-oci: component: test-comp-qvnh, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-jhlkmc, pacBranchName: konflux-test-comp-qvnh "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712472-pinr -> user: redhat-appstudio-qe+redhat_appstudio_quality" Image repository for component test-comp-cknl in namespace build-e2e-eqjr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Created component for scenario sample-python-basic-oci: component: test-comp-cknl, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-pzfsow, pacBranchName: konflux-test-comp-cknl Image repository for component test-symlink-comp-pnms in namespace build-e2e-eqjr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Created component for scenario sample-python-basic-oci: component: test-symlink-comp-pnms, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-oguozi, pacBranchName: konflux-test-symlink-comp-pnms < Exit [BeforeAll] HACBS pipelines - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:237 @ 04/20/26 19:15:14.684 (1m14.228s) > Enter [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-pnms - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:325 @ 04/20/26 19:15:14.684 PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms [FAILED] Timed out after 1200.001s. timed out when waiting for the PipelineRun to start for the Component build-e2e-eqjr/test-symlink-comp-pnms Expected success, but got an error: <*errors.errorString | 0xc000eb4370>: no pipelinerun found for component test-symlink-comp-pnms { s: "no pipelinerun found for component test-symlink-comp-pnms", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:200 @ 04/20/26 19:35:14.686 < Exit [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-pnms - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:325 @ 04/20/26 19:35:14.686 (20m0.002s) > Enter [AfterAll] HACBS pipelines - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:271 @ 04/20/26 19:35:14.686 error while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdq [FAILED] Timed out after 60.000s. timed out when trying to remove the e2e-test finalizer from pipelineruns Expected success, but got an error: <*errors.errorString | 0xc001b86e90>: no pipelinerun found for application test-app-nxdq { s: "no pipelinerun found for application test-app-nxdq", } In [AfterAll] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:289 @ 04/20/26 19:36:14.686 < Exit [AfterAll] HACBS pipelines - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:271 @ 04/20/26 19:36:14.686 (1m0s) > Enter [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:207 @ 04/20/26 19:36:14.687 < Exit [AfterEach] [build-service-suite Build templates E2E test] - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:207 @ 04/20/26 19:36:14.892 (205ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:338 @ 04/20/26 19:36:14.893 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:338 @ 04/20/26 19:36:14.893 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:338 @ 04/20/26 19:36:14.893 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:356 @ 04/20/26 19:36:14.893 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:366 @ 04/20/26 19:36:14.894 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:378 @ 04/20/26 19:36:14.894 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:395 @ 04/20/26 19:36:14.894 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:420 @ 04/20/26 19:36:14.894 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:498 @ 04/20/26 19:36:14.894 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:540 @ 04/20/26 19:36:14.895 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:661 @ 04/20/26 19:36:14.895 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:356 @ 04/20/26 19:36:14.895 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:366 @ 04/20/26 19:36:14.896 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:378 @ 04/20/26 19:36:14.896 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:395 @ 04/20/26 19:36:14.896 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:420 @ 04/20/26 19:36:14.896 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:498 @ 04/20/26 19:36:14.896 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:540 @ 04/20/26 19:36:14.897 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:661 @ 04/20/26 19:36:14.897 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:356 @ 04/20/26 19:36:14.897 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:366 @ 04/20/26 19:36:14.897 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:378 @ 04/20/26 19:36:14.898 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:395 @ 04/20/26 19:36:14.898 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:420 @ 04/20/26 19:36:14.898 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:498 @ 04/20/26 19:36:14.898 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:540 @ 04/20/26 19:36:14.899 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:661 @ 04/20/26 19:36:14.899 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:816 @ 04/20/26 19:36:14.899 > Enter [BeforeAll] test build annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:35 @ 04/20/26 19:14:00.459 < Exit [BeforeAll] test build annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:35 @ 04/20/26 19:14:25.351 (24.892s) > Enter [BeforeAll] when component is created with invalid build request annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:69 @ 04/20/26 19:14:25.351 Image repository for component test-annotations-appsdq in namespace build-e2e-atdo do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when component is created with invalid build request annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:69 @ 04/20/26 19:14:35.942 (10.591s) > Enter [It] handles invalid request annotation - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:89 @ 04/20/26 19:14:35.942 build status annotation value: {"message":"unexpected build request: foo"} < Exit [It] handles invalid request annotation - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:89 @ 04/20/26 19:15:35.953 (1m0.011s) > Enter [AfterAll] test build annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:51 @ 04/20/26 19:15:35.953 < Exit [AfterAll] test build annotations - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:51 @ 04/20/26 19:15:38.004 (2.051s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:24 @ 04/20/26 19:15:38.004 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/annotations.go:24 @ 04/20/26 19:15:38.004 (0s) > Enter [BeforeAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:34 @ 04/20/26 19:14:00.659 < Exit [BeforeAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:34 @ 04/20/26 19:14:57.421 (56.762s) > Enter [It] missing ReleasePlan makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:66 @ 04/20/26 19:14:57.421 < Exit [It] missing ReleasePlan makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:66 @ 04/20/26 19:14:57.537 (116ms) > Enter [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/20/26 19:14:57.537 < Exit [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/20/26 19:14:57.537 (0s) > Enter [It] missing ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:76 @ 04/20/26 19:14:57.538 < Exit [It] missing ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:76 @ 04/20/26 19:14:57.558 (20ms) > Enter [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/20/26 19:14:57.558 < Exit [AfterEach] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:32 @ 04/20/26 19:14:57.558 (0s) > Enter [AfterAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:58 @ 04/20/26 19:14:57.558 < Exit [AfterAll] [release-service-suite [HACBS-2360] Release CR fails when missing ReleasePlan and ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/missing_release_plan_and_admission.go:58 @ 04/20/26 19:15:41.636 (44.077s) > Enter [BeforeAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:34 @ 04/20/26 19:14:00.659 < Exit [BeforeAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:34 @ 04/20/26 19:15:02.384 (1m1.725s) > Enter [It] block-releases true in ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:69 @ 04/20/26 19:15:02.384 < Exit [It] block-releases true in ReleasePlanAdmission makes a Release CR set as failed in both IsReleased and IsValid with a proper message to user. - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:69 @ 04/20/26 19:15:02.531 (147ms) > Enter [AfterEach] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:32 @ 04/20/26 19:15:02.532 < Exit [AfterEach] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:32 @ 04/20/26 19:15:02.532 (0s) > Enter [AfterAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:61 @ 04/20/26 19:15:02.532 < Exit [AfterAll] [release-service-suite [RELEASE-2136] Release CR fails when block-releases true in ReleasePlanAdmission.] - /tmp/tmp.VA2UVYReoU/tests/release/service/block_releases_release_plan_admission.go:61 @ 04/20/26 19:15:43.674 (41.142s) > Enter [BeforeAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:41 @ 04/20/26 19:14:00.456 snapshotPush.Name: %s snapshot-sample-eahb < Exit [BeforeAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:41 @ 04/20/26 19:14:23.74 (23.284s) > Enter [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:110 @ 04/20/26 19:14:23.741 < Exit [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:110 @ 04/20/26 19:14:26.226 (2.486s) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:14:26.227 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:14:26.227 (0s) > Enter [It] verifies that Tenant PipelineRun is triggered - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:117 @ 04/20/26 19:14:26.227 PipelineRun has not been created yet for release %s/%s tenant-dev-wgey snapshot-sample-eahb-vhlds PipelineRun tenant-2dn4t reason: Running PipelineRun tenant-2dn4t reason: Succeeded < Exit [It] verifies that Tenant PipelineRun is triggered - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:117 @ 04/20/26 19:15:06.286 (40.059s) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:15:06.286 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:15:06.286 (0s) > Enter [It] verifies that a Release is marked as succeeded. - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:121 @ 04/20/26 19:15:06.287 < Exit [It] verifies that a Release is marked as succeeded. - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:121 @ 04/20/26 19:15:06.303 (16ms) > Enter [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:15:06.303 < Exit [AfterEach] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:28 @ 04/20/26 19:15:06.303 (0s) > Enter [AfterAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:102 @ 04/20/26 19:15:06.304 < Exit [AfterAll] [release-service-suite Release service tenant pipeline] - /tmp/tmp.VA2UVYReoU/tests/release/service/tenant_pipelines.go:102 @ 04/20/26 19:16:03.375 (57.072s) > Enter [BeforeAll] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:42 @ 04/20/26 19:14:00.557 snapshotPush.Name: %s snapshot-sample-ttef < Exit [BeforeAll] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:42 @ 04/20/26 19:15:03.607 (1m3.05s) > Enter [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:151 @ 04/20/26 19:15:03.607 < Exit [It] verifies that a Release CR should have been created in the dev namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:151 @ 04/20/26 19:15:03.726 (119ms) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:15:03.726 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:15:03.726 (0s) > Enter [It] verifies that Release PipelineRun is triggered - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:158 @ 04/20/26 19:15:03.726 PipelineRun has not been created yet for release %s/%s happy-path-thok snapshot-sample-ttef-qnsmw PipelineRun managed-qffj5 reason: Running PipelineRun managed-qffj5 reason: Running PipelineRun managed-qffj5 reason: Running PipelineRun managed-qffj5 reason: Succeeded < Exit [It] verifies that Release PipelineRun is triggered - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:158 @ 04/20/26 19:16:23.739 (1m20.012s) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.739 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.739 (0s) > Enter [It] verifies that Enterprise Contract Task has succeeded in the Release PipelineRun - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:162 @ 04/20/26 19:16:23.739 the status of the verify-conforma TaskRun on the release pipeline is: [{Succeeded True {2026-04-20 19:16:12 +0000 UTC} Succeeded All Steps have completed executing}] < Exit [It] verifies that Enterprise Contract Task has succeeded in the Release PipelineRun - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:162 @ 04/20/26 19:16:23.848 (109ms) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.849 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.849 (0s) > Enter [It] verifies that a Release is marked as succeeded. - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:174 @ 04/20/26 19:16:23.849 < Exit [It] verifies that a Release is marked as succeeded. - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:174 @ 04/20/26 19:16:23.856 (7ms) > Enter [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.856 < Exit [AfterEach] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:27 @ 04/20/26 19:16:23.856 (0s) > Enter [AfterAll] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:142 @ 04/20/26 19:16:23.856 < Exit [AfterAll] [release-service-suite Release service happy path] - /tmp/tmp.VA2UVYReoU/tests/release/service/happy_path.go:142 @ 04/20/26 19:17:42.984 (1m19.128s) > Enter [BeforeAll] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:31 @ 04/20/26 19:14:00.565 < Exit [BeforeAll] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:31 @ 04/20/26 19:14:40.672 (40.107s) > Enter [It] verifies if the chains controller is running - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:43 @ 04/20/26 19:14:40.672 < Exit [It] verifies if the chains controller is running - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:43 @ 04/20/26 19:14:40.721 (49ms) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:14:40.721 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:14:40.721 (0s) > Enter [It] verifies the signing secret is present - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:48 @ 04/20/26 19:14:40.722 < Exit [It] verifies the signing secret is present - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:48 @ 04/20/26 19:14:40.759 (37ms) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:14:40.759 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:14:40.759 (0s) > Enter [BeforeAll] test creating and signing an image and task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:73 @ 04/20/26 19:14:40.759 Creating Pipeline "buildah-demo-hfropftayf" Waiting for pipeline "buildah-demo-hfropftayf" to finish The pipeline named "buildah-demo-hfropftayf" in namespace "chains-e2e-mdkj" succeeded The image signed by Tekton Chains is quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c < Exit [BeforeAll] test creating and signing an image and task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:73 @ 04/20/26 19:18:26.204 (3m45.445s) > Enter [It] creates signature and attestation - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:115 @ 04/20/26 19:18:26.204 failed to get cosign result for image quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c: failed to find cosign results for image quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c: error when getting attestation tag: cannot get manifest digest from quay.io/redhat-appstudio-qe/test-images:sha256-f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c.att image. response body: {"tags": [], "page": 1, "has_additional": false} Cosign verify pass with .att and .sig ImageStreamTags found for quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c < Exit [It] creates signature and attestation - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:115 @ 04/20/26 19:18:27.68 (1.476s) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:18:27.68 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:18:27.68 (0s) [FAILED] Expected <bool>: false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:190 @ 04/20/26 19:19:10.973 > Enter [BeforeAll] verify-enterprise-contract task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:133 @ 04/20/26 19:18:27.681 Copy public key from openshift-pipelines/signing-secrets to a new secret Configured Rekor host: https://rekor.sigstore.dev Using verify EC task bundle: quay.io/conforma/tekton-task:kf-cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a@sha256:3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 < Exit [BeforeAll] verify-enterprise-contract task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:133 @ 04/20/26 19:18:27.719 (39ms) > Enter [BeforeEach] verify-enterprise-contract task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:154 @ 04/20/26 19:18:27.72 < Exit [BeforeEach] verify-enterprise-contract task - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:154 @ 04/20/26 19:18:27.74 (20ms) > Enter [It] succeeds when policy is met - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:177 @ 04/20/26 19:18:27.74 Creating Pipeline "verify-enterprise-contract-run-w2tln" Waiting for pipeline "verify-enterprise-contract-run-w2tln" to finish *** TaskRun status: artifacts: {} completionTime: "2026-04-20T19:19:10Z" conditions: - lastTransitionTime: "2026-04-20T19:19:10Z" message: '"step-show-config" exited with code 2: Error' reason: Failed status: "False" type: Succeeded podName: verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod provenance: featureFlags: awaitSidecarReadiness: true coschedule: workspaces enableAPIFields: alpha enableParamEnum: true enableProvenanceInStatus: true enforceNonfalsifiability: none maxResultSize: 4096 resultExtractionMethod: termination-message runningInEnvWithInjectedSidecars: true verificationNoMatchPolicy: ignore refSource: digest: sha256: 3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 entryPoint: verify-enterprise-contract uri: quay.io/conforma/tekton-task spanContext: traceparent: 00-56648284d71d959fe24e226a1e3df9d0-752ed45df5394c41-01 startTime: "2026-04-20T19:18:28Z" steps: - container: step-initialize-tuf imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf provenance: {} terminated: containerID: cri-o://5e836c6659f2734a6de486d0524a2baae1dd769c81b45bec3a3604296910b916 exitCode: 0 finishedAt: "2026-04-20T19:19:03Z" reason: Completed startedAt: "2026-04-20T19:19:03Z" terminationReason: Skipped - container: step-reduce imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce provenance: {} terminated: containerID: cri-o://e5a273d834203f5de88f0a538f64271d153e734703a0085c39522d85ec893e3c exitCode: 0 finishedAt: "2026-04-20T19:19:03Z" reason: Completed startedAt: "2026-04-20T19:19:03Z" terminationReason: Completed - container: step-validate imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate provenance: {} terminated: containerID: cri-o://62df43b7d40d2b2c10315af6914e7f45aea8e5318a9a934477862f2db0ff6489 exitCode: 1 finishedAt: "2026-04-20T19:19:08Z" reason: Completed startedAt: "2026-04-20T19:19:04Z" terminationReason: Continued - container: step-report-json imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json provenance: {} terminated: containerID: cri-o://84ad9c669f4d0254ca7d2b32e5d7c8821b93a1badb270909d67e0a698d7b7426 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-summary imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary provenance: {} terminated: containerID: cri-o://23c7226f71db1143c020675687a9cf61cf6dac886b5b32f1a02acf8a2cc0b248 exitCode: 2 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Continued - container: step-info imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info provenance: {} terminated: containerID: cri-o://514efe0ba3fd7ffb9ea2faab9503300a94599c68b663014884e8fc437d0e3445 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-version imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version provenance: {} terminated: containerID: cri-o://7e255a68435e5825c1973c85c8a3553c90b5fea9504f3dead8b64f99cf06ba39 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-show-config imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config provenance: {} terminated: containerID: cri-o://7806cf66728eb18729c319c10f587dec0b83c8d42bc01a83cd4cb6a54dc35139 exitCode: 2 finishedAt: "2026-04-20T19:19:09Z" reason: Error startedAt: "2026-04-20T19:19:09Z" terminationReason: Error - container: step-assert imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert provenance: {} terminated: containerID: cri-o://01726e11d3293569b926c510a2cc546b4cf59180151374b1911053523215770f exitCode: 1 finishedAt: "2026-04-20T19:19:09Z" reason: Error startedAt: "2026-04-20T19:19:09Z" terminationReason: Skipped taskSpec: description: Verify the enterprise contract is met params: - description: | Spec section of an ApplicationSnapshot resource. Not all fields of the resource are required. A minimal example: ```json { "components": [ { "containerImage": "quay.io/example/repo:latest" } ] } ``` Each `containerImage` in the `components` array is validated. name: IMAGES type: string - default: enterprise-contract-service/default description: | Name of the policy configuration (EnterpriseContractPolicy resource) to use. `namespace/name` or `name` syntax supported. If namespace is omitted the namespace where the task runs is used. You can also specify a policy configuration using a git url, e.g. `github.com/conforma/config//slsa3`. name: POLICY_CONFIGURATION type: string - default: "" description: Public key used to verify signatures. Must be a valid k8s cosign reference, e.g. k8s://my-space/my-secret where my-secret contains the expected cosign.pub attribute. name: PUBLIC_KEY type: string - default: "" description: Rekor host for transparency log lookups name: REKOR_HOST type: string - default: "false" description: Skip Rekor transparency log checks during validation. name: IGNORE_REKOR type: string - default: "" description: TUF mirror URL. Provide a value when NOT using public sigstore deployment. name: TUF_MIRROR type: string - default: "" description: | Path to a directory containing SSL certs to be used when communicating with external services. This is useful when using the integrated registry and a local instance of Rekor on a development cluster which may use certificates issued by a not-commonly trusted root CA. In such cases, `/var/run/secrets/kubernetes.io/serviceaccount` is a good value. Multiple paths can be provided by using the `:` separator. name: SSL_CERT_DIR type: string - default: trusted-ca description: The name of the ConfigMap to read CA bundle data from. name: CA_TRUST_CONFIGMAP_NAME type: string - default: ca-bundle.crt description: The name of the key in the ConfigMap that contains the CA bundle data. name: CA_TRUST_CONFIG_MAP_KEY type: string - default: "true" description: Include rule titles and descriptions in the output. Set to `"false"` to disable it. name: INFO type: string - default: "true" description: Fail the task if policy fails. Set to `"false"` to disable it. name: STRICT type: string - default: /tekton/home description: Value for the HOME environment variable. name: HOMEDIR type: string - default: now description: Run policy checks with the provided time. name: EFFECTIVE_TIME type: string - default: "" description: Merge additional Rego variables into the policy data. Use syntax "key=value,key2=value2..." name: EXTRA_RULE_DATA type: string - default: "" description: | This param is deprecated and will be removed in future. Its value is ignored. EC will be run without a timeout. (If you do want to apply a timeout use the Tekton task timeout.) name: TIMEOUT type: string - default: "1" description: Number of parallel workers to use for policy evaluation. name: WORKERS type: string - default: "false" description: Reduce the Snapshot to only the component whose build caused the Snapshot to be created name: SINGLE_COMPONENT type: string - default: unknown description: | Name, including kind, of the Kubernetes resource to query for labels when single component mode is enabled, e.g. pr/somepipeline. name: SINGLE_COMPONENT_CUSTOM_RESOURCE type: string - default: "" description: | Kubernetes namespace where the SINGLE_COMPONENT_NAME is found. Only used when single component mode is enabled. name: SINGLE_COMPONENT_CUSTOM_RESOURCE_NS type: string results: - description: Short summary of the policy evaluation for each image name: TEST_OUTPUT type: string stepTemplate: computeResources: {} env: - name: HOME value: /tekton/home steps: - args: - sigstore - initialize - --mirror - "" - --root - /root.json command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf when: - operator: notin values: - "" - command: - reduce-snapshot.sh computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi env: - name: SNAPSHOT value: '{"application":"","components":[{"name":"","containerImage":"quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c","source":{}}],"artifacts":{}}' - name: SINGLE_COMPONENT value: "false" - name: CUSTOM_RESOURCE value: unknown - name: CUSTOM_RESOURCE_NAMESPACE - name: SNAPSHOT_PATH value: /tekton/home/snapshot.json image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce onError: continue - args: - validate - image - --images - /tekton/home/snapshot.json - --policy - ec-policy - --public-key - k8s://chains-e2e-mdkj/cosign-public-key - --rekor-url - "" - --ignore-rekor=true - --workers - "1" - --info=true - --timeout=100h - --strict=false - --show-successes - --effective-time=now - --extra-rule-data= - --output - text?show-successes=false - --output - appstudio=/tekton/results/TEST_OUTPUT - --output - json=/tekton/home/report-json.json command: - ec computeResources: limits: memory: 2Gi requests: cpu: 1800m memory: 2Gi env: - name: SSL_CERT_DIR value: /tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/var/run/secrets/kubernetes.io/serviceaccount - name: EC_CACHE value: "false" image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate onError: continue volumeMounts: - mountPath: /etc/pki/tls/certs/ca-custom-bundle.crt name: trusted-ca readOnly: true subPath: ca-bundle.crt - args: - jq . /tekton/home/report-json.json | awk '{gsub(/^ +/, ""); acc += length; if (acc >= 8000) { printf "\n"; acc=length } printf $0 }' command: - sh - -c computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json onError: continue - args: - . - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary onError: continue - args: - | ----- DEBUG OUTPUT ----- command: - printf computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info - args: - version command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version - args: - '{policy: .policy, key: .key, "effective-time": .["effective-time"]}' - /tekton/home/report-json.json command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config - args: - --argjson - strict - "true" - -e - | .result == "SUCCESS" or .result == "WARNING" or ($strict | not) - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert volumes: - configMap: items: - key: ca-bundle.crt path: ca-bundle.crt name: trusted-ca optional: true name: trusted-ca workspaces: - description: The workspace where the snapshot spec json file resides name: data optional: true *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-initialize-tuf': ----- START -----2026/04/20 19:19:03 INFO Step was skipped due to when expressions were evaluated to false. ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-reduce': ----- START -----Single Component mode? false { "application": "", "components": [ { "name": "", "containerImage": "quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c", "source": {} } ], "artifacts": {} } ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-validate': ----- START -----Error: error validating image quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c of component : load: loading policies: get compiler: 5 errors occurred: /tmp/ec-work-620744388/policy/ecc96998b/policy/lib/sbom/sbom.rego:88: rego_type_error: undefined function ec.oci.image_referrers /tmp/ec-work-620744388/policy/ecc96998b/policy/lib/sbom/sbom.rego:98: rego_type_error: undefined function ec.oci.image_tag_refs /tmp/ec-work-620744388/policy/ecc96998b/policy/release/slsa_build_scripted_build/slsa_build_scripted_build.rego:23: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-620744388/policy/ecc96998b/policy/release/tasks/tasks.rego:37: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-620744388/policy/ecc96998b/policy/release/trusted_task/trusted_task.rego:23: rego_type_error: undefined function ec.oci.image_manifests ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-report-json': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-summary': ----- START -----jq: error: Could not open file /tekton/results/TEST_OUTPUT: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-info': ----- START ---------- DEBUG OUTPUT ----- ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-version': ----- START -----Version v0.7.111 Source ID cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a Change date 2025-07-09 12:58:49 +0000 UTC (40 weeks ago) ECC v0.1.112 OPA v0.70.0 Conftest v0.55.0 Cosign v2.4.1 Sigstore v1.8.9 Rekor v1.3.6 Tekton Pipeline v0.63.0 Kubernetes Client v0.31.0 ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-show-config': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-assert': ----- START -----2026/04/20 19:19:09 Skipping step because a previous step failed ----- END ----- Make sure TaskRun verify-enterprise-contract of PipelineRun verify-enterprise-contract-run-w2tln succeeded [FAILED] Expected <bool>: false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:190 @ 04/20/26 19:19:10.973 < Exit [It] succeeds when policy is met - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:177 @ 04/20/26 19:19:10.973 (43.233s) > Enter [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:19:10.974 < Exit [AfterEach] [enterprise-contract-suite Conforma E2E tests] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:29 @ 04/20/26 19:19:11.173 (200ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:197 @ 04/20/26 19:19:11.174 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:225 @ 04/20/26 19:19:11.174 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:251 @ 04/20/26 19:19:11.174 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:279 @ 04/20/26 19:19:11.175 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:301 @ 04/20/26 19:19:11.175 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:345 @ 04/20/26 19:19:11.175 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:382 @ 04/20/26 19:19:11.175 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:422 @ 04/20/26 19:19:11.176 [FAILED] Unexpected error: <*errors.StatusError | 0xc0027df720>: admission webhook "dintegrationtestscenario.kb.io" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq' { ErrStatus: { TypeMeta: {Kind: "", APIVersion: ""}, ListMeta: { SelfLink: "", ResourceVersion: "", Continue: "", RemainingItemCount: nil, }, Status: "Failure", Message: "admission webhook \"dintegrationtestscenario.kb.io\" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq'", Reason: "Forbidden", Details: nil, Code: 403, }, } occurred In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:68 @ 04/20/26 19:14:23.365 There were additional failures detected after the initial failure. These are visible in the timeline > Enter [BeforeAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:45 @ 04/20/26 19:14:00.563 [FAILED] Unexpected error: <*errors.StatusError | 0xc0027df720>: admission webhook "dintegrationtestscenario.kb.io" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq' { ErrStatus: { TypeMeta: {Kind: "", APIVersion: ""}, ListMeta: { SelfLink: "", ResourceVersion: "", Continue: "", RemainingItemCount: nil, }, Status: "Failure", Message: "admission webhook \"dintegrationtestscenario.kb.io\" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq'", Reason: "Forbidden", Details: nil, Code: 403, }, } occurred In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:68 @ 04/20/26 19:14:23.365 < Exit [BeforeAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:45 @ 04/20/26 19:14:23.365 (22.802s) > Enter [AfterAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:94 @ 04/20/26 19:14:23.366 [FAILED] Expected success, but got an error: <*errors.errorString | 0xc001e3cc30>: failed to get MR of IID 0 in projectID , 404 Not Found { s: "failed to get MR of IID 0 in projectID , 404 Not Found", } In [AfterAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:97 @ 04/20/26 19:14:23.622 < Exit [AfterAll] Gitlab with status reporting of Integration tests in the assosiated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:94 @ 04/20/26 19:14:23.622 (257ms) > Enter [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/20/26 19:14:23.623 < Exit [AfterEach] [integration-service-suite Gitlab Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:42 @ 04/20/26 19:14:24.082 (460ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:144 @ 04/20/26 19:14:24.083 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:148 @ 04/20/26 19:14:24.083 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:153 @ 04/20/26 19:14:24.083 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:172 @ 04/20/26 19:14:24.084 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:179 @ 04/20/26 19:14:24.084 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:183 @ 04/20/26 19:14:24.084 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:188 @ 04/20/26 19:14:24.084 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:194 @ 04/20/26 19:14:24.084 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:207 @ 04/20/26 19:14:24.085 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:212 @ 04/20/26 19:14:24.085 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:229 @ 04/20/26 19:14:24.085 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:233 @ 04/20/26 19:14:24.085 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:250 @ 04/20/26 19:14:24.086 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:254 @ 04/20/26 19:14:24.086 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:278 @ 04/20/26 19:14:24.086 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:288 @ 04/20/26 19:14:24.086 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:303 @ 04/20/26 19:14:24.086 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:308 @ 04/20/26 19:14:24.087 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:325 @ 04/20/26 19:14:24.087 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:329 @ 04/20/26 19:14:24.087 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:346 @ 04/20/26 19:14:24.087 > Enter [BeforeAll] test build secret lookup - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:32 @ 04/20/26 19:14:24.088 < Exit [BeforeAll] test build secret lookup - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:32 @ 04/20/26 19:14:56.893 (32.805s) > Enter [BeforeAll] when two secrets are created - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:100 @ 04/20/26 19:14:56.893 < Exit [BeforeAll] when two secrets are created - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:100 @ 04/20/26 19:14:56.922 (29ms) > Enter [It] creates first component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:123 @ 04/20/26 19:14:56.923 Image repository for component component-one-qsok in namespace build-e2e-ukgr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates first component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:123 @ 04/20/26 19:15:16.982 (20.059s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:15:16.982 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:15:16.982 (0s) > Enter [It] creates second component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:140 @ 04/20/26 19:15:16.983 Image repository for component component-two-dagh in namespace build-e2e-ukgr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates second component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:140 @ 04/20/26 19:15:37.057 (20.075s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:15:37.057 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:15:37.057 (0s) > Enter [It] check first component annotation has errors - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:158 @ 04/20/26 19:15:37.058 build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"message":"waiting for spec.containerImage to be set by ImageRepository with annotation image-controller.appstudio.redhat.com/update-component-image"} build status annotation value: {"pac":{"state":"error","error-id":74,"error-message":"74: Access token is unrecognizable by GitHub"},"message":"done"} < Exit [It] check first component annotation has errors - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:158 @ 04/20/26 19:16:22.239 (45.181s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:16:22.239 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:16:22.239 (0s) > Enter [It] triggered PipelineRun is for component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:178 @ 04/20/26 19:16:22.239 PipelineRun has not been created yet for the component build-e2e-ukgr/component-two-dagh PipelineRun has not been created yet for the component build-e2e-ukgr/component-two-dagh PipelineRun has not been created yet for the component build-e2e-ukgr/component-two-dagh < Exit [It] triggered PipelineRun is for component - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:178 @ 04/20/26 19:17:22.331 (1m0.092s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:17:22.331 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:17:22.331 (0s) > Enter [It] check only one pipelinerun should be triggered - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:193 @ 04/20/26 19:17:22.332 < Exit [It] check only one pipelinerun should be triggered - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:193 @ 04/20/26 19:19:22.333 (2m0.001s) > Enter [AfterAll] test build secret lookup - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:61 @ 04/20/26 19:19:22.333 < Exit [AfterAll] test build secret lookup - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:61 @ 04/20/26 19:19:25.7 (3.367s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:19:25.701 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:25 @ 04/20/26 19:19:25.701 (0s) > Enter [BeforeAll] Maven project - Default build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:84 @ 04/20/26 19:14:00.26 "level"=0 "msg"="Konflux demo BeforeAll: initializing framework for appappMaven project - Default build" "level"=0 "msg"="Konflux demo BeforeAll: namespacesuserNamespacekonflux-mdypmanagedNamespacekonflux-mdyp-managed" "level"=0 "msg"="Konflux demo BeforeAll: component configcomponentNamekonflux-demo-component-cetnpacBranchNamekonflux-konflux-demo-component-cetncomponentRepositoryNamehacbs-test-project-konflux-demo" "level"=0 "msg"="Konflux demo BeforeAll: creating release configmanagedNamespacekonflux-mdyp-manageduserNamespacekonflux-mdyp" "level"=0 "msg"="Konflux demo createReleaseConfig: creating managed namespacemanagedNamespacekonflux-mdyp-managed" "level"=0 "msg"="Konflux demo createReleaseConfig: creating release-service-accountmanagedNamespacekonflux-mdyp-managed" "level"=0 "msg"="Konflux demo createReleaseConfig: finishedmanagedNamespacekonflux-mdyp-manageduserNamespacekonflux-mdyp" "level"=0 "msg"="Konflux demo BeforeAll: created and linked release-catalog-trusted-artifacts-quay-secretmanagedNamespacekonflux-mdyp-managed" created and linked release-catalog-trusted-artifacts-quay-secret in namespace "konflux-mdyp-managed" "level"=0 "msg"="Konflux demo BeforeAll: setup completeappMaven project - Default buildcomponentNamekonflux-demo-component-cetn" < Exit [BeforeAll] Maven project - Default build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:84 @ 04/20/26 19:14:47.884 (47.624s) > Enter [It] creates an application - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:189 @ 04/20/26 19:14:47.884 "level"=0 "msg"="Konflux demo: creating applicationapplicationNamekonflux-demo-appnamespacekonflux-mdyp" "level"=0 "msg"="Konflux demo: application createdapplicationNamekonflux-demo-app" < Exit [It] creates an application - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:189 @ 04/20/26 19:14:47.908 (24ms) > Enter [It] creates an IntegrationTestScenario for the app - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:202 @ 04/20/26 19:14:47.909 "level"=0 "msg"="Konflux demo: creating IntegrationTestScenarioapplicationNamekonflux-demo-appnamespacekonflux-mdyp" "level"=0 "msg"="Konflux demo: IntegrationTestScenario createdscenariomy-integration-test-bvtu" < Exit [It] creates an IntegrationTestScenario for the app - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:202 @ 04/20/26 19:14:47.929 (21ms) > Enter [It] creates new branch for the build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:218 @ 04/20/26 19:14:47.93 "level"=0 "msg"="Konflux demo: creating branch for buildrepohacbs-test-project-konflux-demobranchbase-impsrsfrommain" < Exit [It] creates new branch for the build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:218 @ 04/20/26 19:14:48.625 (696ms) > Enter [It] creates component konflux-demo-component (private: false) from git source https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:233 @ 04/20/26 19:14:48.626 "level"=0 "msg"="Konflux demo: creating componentcomponentNamekonflux-demo-component-cetnapplicationNamekonflux-demo-appnamespacekonflux-mdyprevisionbase-impsrs" Image repository for component konflux-demo-component-cetn in namespace konflux-mdyp do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. "level"=0 "msg"="Konflux demo: component createdcomponentNamekonflux-demo-component-cetn" < Exit [It] creates component konflux-demo-component (private: false) from git source https://github.com/redhat-appstudio-qe/hacbs-test-project-konflux-demo - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:233 @ 04/20/26 19:15:08.671 (20.045s) [FAILED] Timed out after 300.001s. timed out when waiting for `pull-request` event type PaC PipelineRun to be present in the user namespace "konflux-mdyp" for component "konflux-demo-component-cetn" with a label pointing to "konflux-demo-app" Expected success, but got an error: <*errors.errorString | 0xc001b98a60>: no pipelinerun found for component konflux-demo-component-cetn { s: "no pipelinerun found for component konflux-demo-component-cetn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:294 @ 04/20/26 19:21:03.747 > Enter [It] triggers creation of a PR in the sample repo - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:259 @ 04/20/26 19:15:08.672 "level"=0 "msg"="Konflux demo: waiting for PaC PRrepohacbs-test-project-konflux-demopacBranchNamekonflux-konflux-demo-component-cetn" "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "level"=0 "msg"="Konflux demo: PaC PR createdprNumber29098prSHAa53086642bd14d49e0aef569838a1c1525e9a348" "level"=0 "msg"="Konflux demo: waiting for pull-request PipelineRun to appear (will delete it)componentkonflux-demo-component-cetnprSHAa53086642bd14d49e0aef569838a1c1525e9a348" PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn [FAILED] Timed out after 300.001s. timed out when waiting for `pull-request` event type PaC PipelineRun to be present in the user namespace "konflux-mdyp" for component "konflux-demo-component-cetn" with a label pointing to "konflux-demo-app" Expected success, but got an error: <*errors.errorString | 0xc001b98a60>: no pipelinerun found for component konflux-demo-component-cetn { s: "no pipelinerun found for component konflux-demo-component-cetn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:294 @ 04/20/26 19:21:03.747 < Exit [It] triggers creation of a PR in the sample repo - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:259 @ 04/20/26 19:21:03.747 (5m55.075s) > Enter [AfterAll] Maven project - Default build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:154 @ 04/20/26 19:21:03.747 < Exit [AfterAll] Maven project - Default build - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:154 @ 04/20/26 19:21:03.748 (0s) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:297 @ 04/20/26 19:21:03.748 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:335 @ 04/20/26 19:21:03.748 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:369 @ 04/20/26 19:21:03.749 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:373 @ 04/20/26 19:21:03.749 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:389 @ 04/20/26 19:21:03.749 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:403 @ 04/20/26 19:21:03.749 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:419 @ 04/20/26 19:21:03.749 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:432 @ 04/20/26 19:21:03.75 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:441 @ 04/20/26 19:21:03.75 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:462 @ 04/20/26 19:21:03.75 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:493 @ 04/20/26 19:21:03.75 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:505 @ 04/20/26 19:21:03.75 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:518 @ 04/20/26 19:21:03.751 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:533 @ 04/20/26 19:21:03.751 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:552 @ 04/20/26 19:21:03.751 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:578 @ 04/20/26 19:21:03.751 > Enter [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:60 @ 04/20/26 19:14:00.661 Successfully acquired repository lock for namespace group-rtpt < Exit [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:60 @ 04/20/26 19:14:19.305 (18.645s) > Enter [It] creates the Component A successfully - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:205 @ 04/20/26 19:14:19.306 < Exit [It] creates the Component A successfully - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:205 @ 04/20/26 19:14:29.345 (10.039s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:50 @ 04/20/26 19:14:29.345 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:50 @ 04/20/26 19:14:29.345 (0s) [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the componentA group-rtpt/go-component-ceunjn Expected success, but got an error: <*errors.errorString | 0xc00174c530>: no pipelinerun found for component go-component-ceunjn { s: "no pipelinerun found for component go-component-ceunjn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:224 @ 04/20/26 19:29:29.347 > Enter [It] triggers a Build PipelineRun for componentA go-component - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:213 @ 04/20/26 19:14:29.346 Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the componentA group-rtpt/go-component-ceunjn Expected success, but got an error: <*errors.errorString | 0xc00174c530>: no pipelinerun found for component go-component-ceunjn { s: "no pipelinerun found for component go-component-ceunjn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:224 @ 04/20/26 19:29:29.347 < Exit [It] triggers a Build PipelineRun for componentA go-component - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:213 @ 04/20/26 19:29:29.347 (15m0.001s) > Enter [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:149 @ 04/20/26 19:29:29.348 < Exit [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:149 @ 04/20/26 19:29:30.884 (1.537s) > Enter [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:50 @ 04/20/26 19:29:30.885 < Exit [AfterEach] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:50 @ 04/20/26 19:29:31.091 (206ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:227 @ 04/20/26 19:29:31.091 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:231 @ 04/20/26 19:29:31.091 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:236 @ 04/20/26 19:29:31.092 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:258 @ 04/20/26 19:29:31.092 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:263 @ 04/20/26 19:29:31.092 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:270 @ 04/20/26 19:29:31.092 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:277 @ 04/20/26 19:29:31.093 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:296 @ 04/20/26 19:29:31.093 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:304 @ 04/20/26 19:29:31.093 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:318 @ 04/20/26 19:29:31.093 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:322 @ 04/20/26 19:29:31.094 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:327 @ 04/20/26 19:29:31.094 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:349 @ 04/20/26 19:29:31.094 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:354 @ 04/20/26 19:29:31.094 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:361 @ 04/20/26 19:29:31.094 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:368 @ 04/20/26 19:29:31.095 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:387 @ 04/20/26 19:29:31.095 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:395 @ 04/20/26 19:29:31.095 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:409 @ 04/20/26 19:29:31.095 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:413 @ 04/20/26 19:29:31.095 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:418 @ 04/20/26 19:29:31.096 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:440 @ 04/20/26 19:29:31.096 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:445 @ 04/20/26 19:29:31.096 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:452 @ 04/20/26 19:29:31.096 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:459 @ 04/20/26 19:29:31.096 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:479 @ 04/20/26 19:29:31.097 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:497 @ 04/20/26 19:29:31.097 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:513 @ 04/20/26 19:29:31.097 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:521 @ 04/20/26 19:29:31.097 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:556 @ 04/20/26 19:29:31.098 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:635 @ 04/20/26 19:29:31.098 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:648 @ 04/20/26 19:29:31.098 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:654 @ 04/20/26 19:29:31.098 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:663 @ 04/20/26 19:29:31.098 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:690 @ 04/20/26 19:29:31.099 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:720 @ 04/20/26 19:29:31.099 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:740 @ 04/20/26 19:29:31.099 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:780 @ 04/20/26 19:29:31.099 [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the component stat-rep-qmrx/test-component-pac-tupjqc Expected success, but got an error: <*errors.errorString | 0xc00170c910>: no pipelinerun found for component test-component-pac-tupjqc { s: "no pipelinerun found for component test-component-pac-tupjqc", } In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:86 @ 04/20/26 19:29:53.03 > Enter [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:45 @ 04/20/26 19:14:00.559 Image repository for component test-component-pac-tupjqc in namespace stat-rep-qmrx do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component test-component-pac-tupjqc in namespace stat-rep-qmrx do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the component stat-rep-qmrx/test-component-pac-tupjqc Expected success, but got an error: <*errors.errorString | 0xc00170c910>: no pipelinerun found for component test-component-pac-tupjqc { s: "no pipelinerun found for component test-component-pac-tupjqc", } In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:86 @ 04/20/26 19:29:53.03 < Exit [BeforeAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:45 @ 04/20/26 19:29:53.03 (15m52.471s) > Enter [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:92 @ 04/20/26 19:29:53.03 < Exit [AfterAll] with status reporting of Integration tests in CheckRuns - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:92 @ 04/20/26 19:29:53.794 (764ms) > Enter [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/20/26 19:29:53.794 < Exit [AfterEach] [integration-service-suite Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:42 @ 04/20/26 19:29:53.996 (202ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:113 @ 04/20/26 19:29:53.997 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:132 @ 04/20/26 19:29:53.998 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:142 @ 04/20/26 19:29:53.998 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:149 @ 04/20/26 19:29:53.998 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:153 @ 04/20/26 19:29:53.998 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:158 @ 04/20/26 19:29:53.999 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:164 @ 04/20/26 19:29:53.999 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:183 @ 04/20/26 19:29:53.999 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:191 @ 04/20/26 19:29:53.999 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:205 @ 04/20/26 19:29:54 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:209 @ 04/20/26 19:29:54 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:213 @ 04/20/26 19:29:54 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:217 @ 04/20/26 19:29:54 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:232 @ 04/20/26 19:29:54.001 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:236 @ 04/20/26 19:29:54.001 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:245 @ 04/20/26 19:29:54.001 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:260 @ 04/20/26 19:29:54.001 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:265 @ 04/20/26 19:29:54.001 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:270 @ 04/20/26 19:29:54.002 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:276 @ 04/20/26 19:29:54.002 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:323 @ 04/20/26 19:29:54.002 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:368 @ 04/20/26 19:29:54.002 > Enter [BeforeAll] Forgejo with status reporting of Integration tests in the associated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:44 @ 04/20/26 19:14:00.357 < Exit [BeforeAll] Forgejo with status reporting of Integration tests in the associated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:44 @ 04/20/26 19:14:09.897 (9.54s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:128 @ 04/20/26 19:14:09.897 Image repository for component test-comp-pac-forgejo-utvouv in namespace forgejo-rep-ccja do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:128 @ 04/20/26 19:14:52.61 (42.713s) > Enter [It] triggers a Build PipelineRun - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:211 @ 04/20/26 19:14:52.61 < Exit [It] triggers a Build PipelineRun - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:211 @ 04/20/26 19:14:52.636 (26ms) > Enter [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:14:52.637 < Exit [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:14:52.637 (0s) > Enter [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:225 @ 04/20/26 19:14:52.637 < Exit [It] does not contain an annotation with a Snapshot Name - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:225 @ 04/20/26 19:14:52.637 (0s) > Enter [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:14:52.637 < Exit [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:14:52.637 (0s) [FAILED] Expected success, but got an error: <*errors.errorString | 0xc0003bf9a0>: unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv { s: "unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:231 @ 04/20/26 19:31:33.646 > Enter [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:229 @ 04/20/26 19:14:52.638 PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg found for Component forgejo-rep-ccja/test-comp-pac-forgejo-utvouv PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Failed attempt 1/3: PipelineRun "my-integration-test-cckl-v9cr8" failed: pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-init-pod | init container: prepare 2026/04/20 19:15:18 Entrypoint initialization pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-init-pod | container step-init: time="2026-04-20T19:15:20Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:15:20Z" level=info msg="[param] enable: false" time="2026-04-20T19:15:20Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:15:20Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:15:20Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:15:20Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:15:20Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:15:20Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:15:20Z" level=info msg="[result] NO PROXY: " pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | init container: prepare 2026/04/20 19:22:04 Entrypoint initialization pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | init container: place-scripts 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-0-b5sgb 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-1-r4t5h 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-2-25kkm pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv@sha256:1f9c2afcd1335d6e969ddc78b60565f7f5207d8b2e581461d596e85cda2840a1. Selecting auth Using token for quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv Selecting auth Using token for quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation <image uri>'. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0{ "scanned" : { "total" : 152, "direct" : 25, "transitive" : 127 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { "pkg:maven/io.github.stuartwdouglas.hacbstest.Main/hacbs-test" : [ "Unable to process: missing version component" ] } }, "sources" : { "osv-github" : { "summary" : { "direct" : 2, "transitive" : 0, "total" : 2, "dependencies" : 1, "critical" : 0, "high" : 2, "medium" : 0, "low" : 0, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:pypi/setuptools@39.2.0", "issues" : [ { "id" : "CVE-2024-6345", "source" : "osv-github", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "osv-github", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "transitive" : [ ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "osv-github", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } } ] }, "redhat-csaf" : { "summary" : { "direct" : 50, "transitive" : 338, "total" : 388, "dependencies" : 57, "critical" : 7, "high" : 134, "medium" : 228, "low" : 19, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2025-47273", "title" : "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-47273" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64&distro=rhel-8.10&upstream=expat-2.5.0-1.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false }, { "id" : "CVE-2024-28757", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-28757" ], "unique" : false }, { "id" : "CVE-2024-45490", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45490" ], "unique" : false }, { "id" : "CVE-2024-45491", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45491" ], "unique" : false }, { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2024-45492", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-45492" ], "unique" : false }, { "id" : "CVE-2024-50602", "title" : "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-50602" ], "unique" : false }, { "id" : "CVE-2025-59375", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtirpc-1.1.4-12.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch&distro=rhel-8.10&upstream=python-pip-9.0.3-24.el8.src.rpm", "issues" : [ { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=openldap-2.4.46-21.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm", "issues" : [ { "id" : "CVE-2026-21945", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-21945" ], "unique" : false }, { "id" : "CVE-2025-64720", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-64720" ], "unique" : false }, { "id" : "CVE-2025-65018", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-65018" ], "unique" : false }, { "id" : "CVE-2026-21933", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2026-21933" ], "unique" : false }, { "id" : "CVE-2026-21925", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-21925" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2025-47273", "title" : "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-47273" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/javapackages-filesystem@5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6?arch=noarch&distro=rhel-8.10&upstream=javapackages-tools-5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6.src.rpm", "issues" : [ { "id" : "CVE-2025-48734", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2025-48734" ], "unique" : false }, { "id" : "CVE-2019-10086", "title" : "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2019-10086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-48734", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2025-48734" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/cups-libs@2.2.6-67.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=cups-2.2.6-67.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-58060", "source" : "redhat-csaf", "cvssScore" : 8.0, "severity" : "HIGH", "cves" : [ "CVE-2025-58060" ], "unique" : false }, { "id" : "CVE-2024-47175", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2024-47175" ], "unique" : false }, { "id" : "CVE-2023-34241", "title" : "CUPS vulnerable to use-after-free in cupsdAcceptClient()", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-34241" ], "unique" : false }, { "id" : "CVE-2022-26691", "title" : "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-26691" ], "unique" : false }, { "id" : "CVE-2023-32360", "title" : "An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32360" ], "unique" : false }, { "id" : "CVE-2025-58364", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-58364" ], "unique" : false }, { "id" : "CVE-2023-32324", "title" : "OpenPrinting CUPS vulnerable to heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32324" ], "unique" : false }, { "id" : "CVE-2025-58436", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-58436" ], "unique" : false }, { "id" : "CVE-2024-35235", "title" : "Cupsd Listen arbitrary chmod 0140777", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2024-35235" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-58060", "source" : "redhat-csaf", "cvssScore" : 8.0, "severity" : "HIGH", "cves" : [ "CVE-2025-58060" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64&distro=rhel-8.10&upstream=expat-2.5.0-1.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false }, { "id" : "CVE-2024-28757", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-28757" ], "unique" : false }, { "id" : "CVE-2024-45490", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45490" ], "unique" : false }, { "id" : "CVE-2024-45491", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45491" ], "unique" : false }, { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2024-45492", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-45492" ], "unique" : false }, { "id" : "CVE-2024-50602", "title" : "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-50602" ], "unique" : false }, { "id" : "CVE-2025-59375", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64&distro=rhel-8.10&upstream=gnutls-3.6.16-8.el8_10.5.src.rpm", "issues" : [ { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false }, { "id" : "CVE-2024-0553", "title" : "Gnutls: incomplete fix for cve-2023-5981", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0553" ], "unique" : false }, { "id" : "CVE-2024-0567", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0567" ], "unique" : false }, { "id" : "CVE-2023-0361", "title" : "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0361" ], "unique" : false }, { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2023-5981", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5981" ], "unique" : false }, { "id" : "CVE-2024-12243", "title" : "Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12243" ], "unique" : false }, { "id" : "CVE-2024-28834", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28834" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2024-28835", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28835" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtirpc-1.1.4-12.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/dbus-libs@1.12.8-27.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=dbus-1.12.8-27.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-42010", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42010" ], "unique" : false }, { "id" : "CVE-2022-42011", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42011" ], "unique" : false }, { "id" : "CVE-2022-42012", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42012" ], "unique" : false }, { "id" : "CVE-2023-34969", "title" : "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-34969" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-42010", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42010" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/avahi-libs@0.7-27.el8_10.1?arch=x86_64&distro=rhel-8.10&upstream=avahi-0.7-27.el8_10.1.src.rpm", "issues" : [ { "id" : "CVE-2021-3468", "title" : "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3468" ], "unique" : false }, { "id" : "CVE-2023-1981", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1981" ], "unique" : false }, { "id" : "CVE-2023-38469", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38469" ], "unique" : false }, { "id" : "CVE-2023-38470", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38470" ], "unique" : false }, { "id" : "CVE-2023-38471", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38471" ], "unique" : false }, { "id" : "CVE-2023-38472", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38472" ], "unique" : false }, { "id" : "CVE-2023-38473", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38473" ], "unique" : false }, { "id" : "CVE-2021-3502", "title" : "A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3502" ], "unique" : false }, { "id" : "CVE-2024-52615", "title" : "Avahi: avahi wide-area dns uses constant source port", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-52615" ], "unique" : false }, { "id" : "CVE-2024-52616", "title" : "Avahi: avahi wide-area dns predictable transaction ids", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-52616" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-3468", "title" : "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3468" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64&distro=rhel-8.10&upstream=systemd-239-82.el8_10.15.src.rpm", "issues" : [ { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false }, { "id" : "CVE-2022-3821", "title" : "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3821" ], "unique" : false }, { "id" : "CVE-2022-4415", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4415" ], "unique" : false }, { "id" : "CVE-2022-45873", "title" : "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-45873" ], "unique" : false }, { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64&distro=rhel-8.10&upstream=libgcrypt-1.8.5-7.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch&distro=rhel-8.10&upstream=python-pip-9.0.3-24.el8.src.rpm", "issues" : [ { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/alsa-lib@1.2.10-2.el8?arch=x86_64&distro=rhel-8.10&upstream=alsa-lib-1.2.10-2.el8.src.rpm", "issues" : [ { "id" : "CVE-2026-25068", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-25068" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-25068", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-25068" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm", "issues" : [ { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false }, { "id" : "CVE-2022-22576", "title" : "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2022-22576" ], "unique" : false }, { "id" : "CVE-2023-38545", "title" : "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2023-38545" ], "unique" : false }, { "id" : "CVE-2022-27775", "title" : "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27775" ], "unique" : false }, { "id" : "CVE-2022-27782", "title" : "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27782" ], "unique" : false }, { "id" : "CVE-2024-2398", "title" : "HTTP/2 push headers memory-leak", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-2398" ], "unique" : false }, { "id" : "CVE-2022-32206", "title" : "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32206" ], "unique" : false }, { "id" : "CVE-2023-23916", "title" : "An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-23916" ], "unique" : false }, { "id" : "CVE-2022-43552", "title" : "A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-43552" ], "unique" : false }, { "id" : "CVE-2023-27535", "title" : "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27535" ], "unique" : false }, { "id" : "CVE-2023-27536", "title" : "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27536" ], "unique" : false }, { "id" : "CVE-2023-28321", "title" : "An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28321" ], "unique" : false }, { "id" : "CVE-2023-27538", "title" : "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27538" ], "unique" : false }, { "id" : "CVE-2022-32208", "title" : "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32208" ], "unique" : false }, { "id" : "CVE-2023-46218", "title" : "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl's function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-46218" ], "unique" : false }, { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false }, { "id" : "CVE-2022-27774", "title" : "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27774" ], "unique" : false }, { "id" : "CVE-2022-32221", "title" : "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32221" ], "unique" : false }, { "id" : "CVE-2022-27776", "title" : "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27776" ], "unique" : false }, { "id" : "CVE-2023-27533", "title" : "A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27533" ], "unique" : false }, { "id" : "CVE-2023-27534", "title" : "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-27534" ], "unique" : false }, { "id" : "CVE-2023-28322", "title" : "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-28322" ], "unique" : false }, { "id" : "CVE-2023-38546", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-38546" ], "unique" : false }, { "id" : "CVE-2022-35252", "title" : "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", "source" : "redhat-csaf", "cvssScore" : 3.1, "severity" : "LOW", "cves" : [ "CVE-2022-35252" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm", "issues" : [ { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false }, { "id" : "CVE-2022-22576", "title" : "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2022-22576" ], "unique" : false }, { "id" : "CVE-2023-38545", "title" : "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2023-38545" ], "unique" : false }, { "id" : "CVE-2025-15079", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15079" ], "unique" : false }, { "id" : "CVE-2022-27775", "title" : "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27775" ], "unique" : false }, { "id" : "CVE-2022-27782", "title" : "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27782" ], "unique" : false }, { "id" : "CVE-2024-2398", "title" : "HTTP/2 push headers memory-leak", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-2398" ], "unique" : false }, { "id" : "CVE-2025-13034", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13034" ], "unique" : false }, { "id" : "CVE-2025-14819", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14819" ], "unique" : false }, { "id" : "CVE-2026-1965", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1965" ], "unique" : false }, { "id" : "CVE-2022-32206", "title" : "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32206" ], "unique" : false }, { "id" : "CVE-2023-23916", "title" : "An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-23916" ], "unique" : false }, { "id" : "CVE-2025-14524", "title" : "bearer token leak on cross-protocol redirect", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14524" ], "unique" : false }, { "id" : "CVE-2026-3784", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3784" ], "unique" : false }, { "id" : "CVE-2026-3805", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3805" ], "unique" : false }, { "id" : "CVE-2022-43552", "title" : "A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-43552" ], "unique" : false }, { "id" : "CVE-2023-27535", "title" : "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27535" ], "unique" : false }, { "id" : "CVE-2023-27536", "title" : "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27536" ], "unique" : false }, { "id" : "CVE-2023-28321", "title" : "An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28321" ], "unique" : false }, { "id" : "CVE-2025-10966", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-10966" ], "unique" : false }, { "id" : "CVE-2026-3783", "source" : "redhat-csaf", "cvssScore" : 5.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3783" ], "unique" : false }, { "id" : "CVE-2023-27538", "title" : "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27538" ], "unique" : false }, { "id" : "CVE-2022-32208", "title" : "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32208" ], "unique" : false }, { "id" : "CVE-2023-46218", "title" : "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl's function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-46218" ], "unique" : false }, { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false }, { "id" : "CVE-2022-27774", "title" : "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27774" ], "unique" : false }, { "id" : "CVE-2022-32221", "title" : "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32221" ], "unique" : false }, { "id" : "CVE-2025-10148", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-10148" ], "unique" : false }, { "id" : "CVE-2025-14017", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14017" ], "unique" : false }, { "id" : "CVE-2025-15224", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15224" ], "unique" : false }, { "id" : "CVE-2022-27776", "title" : "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27776" ], "unique" : false }, { "id" : "CVE-2023-27533", "title" : "A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27533" ], "unique" : false }, { "id" : "CVE-2023-27534", "title" : "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-27534" ], "unique" : false }, { "id" : "CVE-2023-28322", "title" : "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-28322" ], "unique" : false }, { "id" : "CVE-2023-38546", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-38546" ], "unique" : false }, { "id" : "CVE-2022-35252", "title" : "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", "source" : "redhat-csaf", "cvssScore" : 3.1, "severity" : "LOW", "cves" : [ "CVE-2022-35252" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64&distro=rhel-8.10&upstream=libxml2-2.9.7-21.el8_10.3.src.rpm", "issues" : [ { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false }, { "id" : "CVE-2025-49794", "title" : "Libxml: heap use after free (uaf) leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49794" ], "unique" : false }, { "id" : "CVE-2025-49796", "title" : "Libxml: type confusion leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49796" ], "unique" : false }, { "id" : "CVE-2024-56171", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2024-56171" ], "unique" : false }, { "id" : "CVE-2022-40304", "title" : "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-40304" ], "unique" : false }, { "id" : "CVE-2025-24928", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-24928" ], "unique" : false }, { "id" : "CVE-2025-7425", "title" : "Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-7425" ], "unique" : false }, { "id" : "CVE-2022-40303", "title" : "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-40303" ], "unique" : false }, { "id" : "CVE-2024-25062", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-25062" ], "unique" : false }, { "id" : "CVE-2025-32415", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-32415" ], "unique" : false }, { "id" : "CVE-2025-49795", "title" : "Libxml: null pointer dereference leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-49795" ], "unique" : false }, { "id" : "CVE-2025-6021", "title" : "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6021" ], "unique" : false }, { "id" : "CVE-2025-7424", "title" : "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-7424" ], "unique" : false }, { "id" : "CVE-2022-29824", "title" : "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2022-29824" ], "unique" : false }, { "id" : "CVE-2023-39615", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-39615" ], "unique" : false }, { "id" : "CVE-2025-9714", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9714" ], "unique" : false }, { "id" : "CVE-2022-49043", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-49043" ], "unique" : false }, { "id" : "CVE-2023-28484", "title" : "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28484" ], "unique" : false }, { "id" : "CVE-2023-29469", "title" : "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value).", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-29469" ], "unique" : false }, { "id" : "CVE-2025-32414", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32414" ], "unique" : false }, { "id" : "CVE-2025-6170", "title" : "Libxml2: stack buffer overflow in xmllint interactive shell command handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-6170" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false }, { "id" : "CVE-2025-5987", "title" : "Libssh: invalid return code for chacha20 poly1305 with openssl backend", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5987" ], "unique" : false }, { "id" : "CVE-2023-48795", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-48795" ], "unique" : false }, { "id" : "CVE-2023-2283", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2283" ], "unique" : false }, { "id" : "CVE-2023-6004", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6004" ], "unique" : false }, { "id" : "CVE-2023-1667", "title" : "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1667" ], "unique" : false }, { "id" : "CVE-2023-6918", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-6918" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false }, { "id" : "CVE-2025-5987", "title" : "Libssh: invalid return code for chacha20 poly1305 with openssl backend", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5987" ], "unique" : false }, { "id" : "CVE-2023-48795", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-48795" ], "unique" : false }, { "id" : "CVE-2023-2283", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2283" ], "unique" : false }, { "id" : "CVE-2023-6004", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6004" ], "unique" : false }, { "id" : "CVE-2023-1667", "title" : "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1667" ], "unique" : false }, { "id" : "CVE-2023-6918", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-6918" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libarchive-3.3.3-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false }, { "id" : "CVE-2026-4111", "title" : "Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4111" ], "unique" : false }, { "id" : "CVE-2026-4424", "title" : "Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4424" ], "unique" : false }, { "id" : "CVE-2026-5121", "title" : "Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-5121" ], "unique" : false }, { "id" : "CVE-2022-26280", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-26280" ], "unique" : false }, { "id" : "CVE-2022-36227", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-36227" ], "unique" : false }, { "id" : "CVE-2024-57970", "title" : "libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-57970" ], "unique" : false }, { "id" : "CVE-2025-25724", "title" : "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-25724" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64&distro=rhel-8.10&upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm", "issues" : [ { "id" : "CVE-2023-44487", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-44487" ], "unique" : false }, { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false }, { "id" : "CVE-2024-28182", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28182" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-44487", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-44487" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/brotli@1.0.6-4.el8_10?arch=x86_64&distro=rhel-8.10&upstream=brotli-1.0.6-4.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6176", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6176" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6176", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6176" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=openldap-2.4.46-21.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64&distro=rhel-8.10&upstream=microdnf-3.8.0-2.el8.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm", "issues" : [ { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false }, { "id" : "CVE-2022-22576", "title" : "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2022-22576" ], "unique" : false }, { "id" : "CVE-2023-38545", "title" : "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2023-38545" ], "unique" : false }, { "id" : "CVE-2022-27775", "title" : "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27775" ], "unique" : false }, { "id" : "CVE-2022-27782", "title" : "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27782" ], "unique" : false }, { "id" : "CVE-2024-2398", "title" : "HTTP/2 push headers memory-leak", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-2398" ], "unique" : false }, { "id" : "CVE-2022-32206", "title" : "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32206" ], "unique" : false }, { "id" : "CVE-2023-23916", "title" : "An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-23916" ], "unique" : false }, { "id" : "CVE-2022-43552", "title" : "A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-43552" ], "unique" : false }, { "id" : "CVE-2023-27535", "title" : "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27535" ], "unique" : false }, { "id" : "CVE-2023-27536", "title" : "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27536" ], "unique" : false }, { "id" : "CVE-2023-28321", "title" : "An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28321" ], "unique" : false }, { "id" : "CVE-2023-27538", "title" : "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27538" ], "unique" : false }, { "id" : "CVE-2022-32208", "title" : "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32208" ], "unique" : false }, { "id" : "CVE-2023-46218", "title" : "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl's function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-46218" ], "unique" : false }, { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false }, { "id" : "CVE-2022-27774", "title" : "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27774" ], "unique" : false }, { "id" : "CVE-2022-32221", "title" : "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32221" ], "unique" : false }, { "id" : "CVE-2022-27776", "title" : "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27776" ], "unique" : false }, { "id" : "CVE-2023-27533", "title" : "A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27533" ], "unique" : false }, { "id" : "CVE-2023-27534", "title" : "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-27534" ], "unique" : false }, { "id" : "CVE-2023-28322", "title" : "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-28322" ], "unique" : false }, { "id" : "CVE-2023-38546", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-38546" ], "unique" : false }, { "id" : "CVE-2022-35252", "title" : "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", "source" : "redhat-csaf", "cvssScore" : 3.1, "severity" : "LOW", "cves" : [ "CVE-2022-35252" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm", "issues" : [ { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false }, { "id" : "CVE-2022-22576", "title" : "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2022-22576" ], "unique" : false }, { "id" : "CVE-2023-38545", "title" : "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2023-38545" ], "unique" : false }, { "id" : "CVE-2025-15079", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15079" ], "unique" : false }, { "id" : "CVE-2022-27775", "title" : "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27775" ], "unique" : false }, { "id" : "CVE-2022-27782", "title" : "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27782" ], "unique" : false }, { "id" : "CVE-2024-2398", "title" : "HTTP/2 push headers memory-leak", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-2398" ], "unique" : false }, { "id" : "CVE-2025-13034", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13034" ], "unique" : false }, { "id" : "CVE-2025-14819", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14819" ], "unique" : false }, { "id" : "CVE-2026-1965", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-1965" ], "unique" : false }, { "id" : "CVE-2022-32206", "title" : "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32206" ], "unique" : false }, { "id" : "CVE-2023-23916", "title" : "An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-23916" ], "unique" : false }, { "id" : "CVE-2025-14524", "title" : "bearer token leak on cross-protocol redirect", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14524" ], "unique" : false }, { "id" : "CVE-2026-3784", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3784" ], "unique" : false }, { "id" : "CVE-2026-3805", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3805" ], "unique" : false }, { "id" : "CVE-2022-43552", "title" : "A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-43552" ], "unique" : false }, { "id" : "CVE-2023-27535", "title" : "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27535" ], "unique" : false }, { "id" : "CVE-2023-27536", "title" : "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27536" ], "unique" : false }, { "id" : "CVE-2023-28321", "title" : "An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28321" ], "unique" : false }, { "id" : "CVE-2025-10966", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-10966" ], "unique" : false }, { "id" : "CVE-2026-3783", "source" : "redhat-csaf", "cvssScore" : 5.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-3783" ], "unique" : false }, { "id" : "CVE-2023-27538", "title" : "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27538" ], "unique" : false }, { "id" : "CVE-2022-32208", "title" : "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32208" ], "unique" : false }, { "id" : "CVE-2023-46218", "title" : "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl's function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-46218" ], "unique" : false }, { "id" : "CVE-2025-9086", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9086" ], "unique" : false }, { "id" : "CVE-2022-27774", "title" : "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27774" ], "unique" : false }, { "id" : "CVE-2022-32221", "title" : "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32221" ], "unique" : false }, { "id" : "CVE-2025-10148", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-10148" ], "unique" : false }, { "id" : "CVE-2025-14017", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14017" ], "unique" : false }, { "id" : "CVE-2025-15224", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15224" ], "unique" : false }, { "id" : "CVE-2022-27776", "title" : "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-27776" ], "unique" : false }, { "id" : "CVE-2023-27533", "title" : "A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27533" ], "unique" : false }, { "id" : "CVE-2023-27534", "title" : "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-27534" ], "unique" : false }, { "id" : "CVE-2023-28322", "title" : "An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-28322" ], "unique" : false }, { "id" : "CVE-2023-38546", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-38546" ], "unique" : false }, { "id" : "CVE-2022-35252", "title" : "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", "source" : "redhat-csaf", "cvssScore" : 3.1, "severity" : "LOW", "cves" : [ "CVE-2022-35252" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64&distro=rhel-8.10&upstream=libxml2-2.9.7-21.el8_10.3.src.rpm", "issues" : [ { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false }, { "id" : "CVE-2025-49794", "title" : "Libxml: heap use after free (uaf) leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49794" ], "unique" : false }, { "id" : "CVE-2025-49796", "title" : "Libxml: type confusion leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2025-49796" ], "unique" : false }, { "id" : "CVE-2024-56171", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2024-56171" ], "unique" : false }, { "id" : "CVE-2022-40304", "title" : "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-40304" ], "unique" : false }, { "id" : "CVE-2025-24928", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-24928" ], "unique" : false }, { "id" : "CVE-2025-7425", "title" : "Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-7425" ], "unique" : false }, { "id" : "CVE-2022-40303", "title" : "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-40303" ], "unique" : false }, { "id" : "CVE-2024-25062", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-25062" ], "unique" : false }, { "id" : "CVE-2025-32415", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-32415" ], "unique" : false }, { "id" : "CVE-2025-49795", "title" : "Libxml: null pointer dereference leads to denial of service (dos)", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-49795" ], "unique" : false }, { "id" : "CVE-2025-6021", "title" : "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6021" ], "unique" : false }, { "id" : "CVE-2025-7424", "title" : "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-7424" ], "unique" : false }, { "id" : "CVE-2022-29824", "title" : "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2022-29824" ], "unique" : false }, { "id" : "CVE-2023-39615", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-39615" ], "unique" : false }, { "id" : "CVE-2025-9714", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9714" ], "unique" : false }, { "id" : "CVE-2022-49043", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-49043" ], "unique" : false }, { "id" : "CVE-2023-28484", "title" : "In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-28484" ], "unique" : false }, { "id" : "CVE-2023-29469", "title" : "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value).", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-29469" ], "unique" : false }, { "id" : "CVE-2025-32414", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32414" ], "unique" : false }, { "id" : "CVE-2025-6170", "title" : "Libxml2: stack buffer overflow in xmllint interactive shell command handling", "source" : "redhat-csaf", "cvssScore" : 2.5, "severity" : "LOW", "cves" : [ "CVE-2025-6170" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-40896", "title" : "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.", "source" : "redhat-csaf", "cvssScore" : 9.1, "severity" : "CRITICAL", "cves" : [ "CVE-2024-40896" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libksba@1.3.5-9.el8_7?arch=x86_64&distro=rhel-8.10&upstream=libksba-1.3.5-9.el8_7.src.rpm", "issues" : [ { "id" : "CVE-2022-3515", "title" : "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2022-3515" ], "unique" : false }, { "id" : "CVE-2022-47629", "title" : "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2022-47629" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3515", "title" : "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2022-3515" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gnupg2-2.2.20-4.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2026-24882", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false }, { "id" : "CVE-2025-68973", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-68973" ], "unique" : false }, { "id" : "CVE-2022-34903", "title" : "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-34903" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-24882", "source" : "redhat-csaf", "cvssScore" : 8.4, "severity" : "HIGH", "cves" : [ "CVE-2026-24882" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false }, { "id" : "CVE-2025-5987", "title" : "Libssh: invalid return code for chacha20 poly1305 with openssl backend", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5987" ], "unique" : false }, { "id" : "CVE-2023-48795", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-48795" ], "unique" : false }, { "id" : "CVE-2023-2283", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2283" ], "unique" : false }, { "id" : "CVE-2023-6004", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6004" ], "unique" : false }, { "id" : "CVE-2023-1667", "title" : "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1667" ], "unique" : false }, { "id" : "CVE-2023-6918", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-6918" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false }, { "id" : "CVE-2025-5987", "title" : "Libssh: invalid return code for chacha20 poly1305 with openssl backend", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5987" ], "unique" : false }, { "id" : "CVE-2023-48795", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-48795" ], "unique" : false }, { "id" : "CVE-2023-2283", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2283" ], "unique" : false }, { "id" : "CVE-2023-6004", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6004" ], "unique" : false }, { "id" : "CVE-2023-1667", "title" : "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1667" ], "unique" : false }, { "id" : "CVE-2023-6918", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2023-6918" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5318", "title" : "Libssh: out-of-bounds read in sftp_handle()", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2025-5318" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libarchive-3.3.3-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false }, { "id" : "CVE-2026-4111", "title" : "Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4111" ], "unique" : false }, { "id" : "CVE-2026-4424", "title" : "Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-4424" ], "unique" : false }, { "id" : "CVE-2026-5121", "title" : "Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-5121" ], "unique" : false }, { "id" : "CVE-2022-26280", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-26280" ], "unique" : false }, { "id" : "CVE-2022-36227", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-36227" ], "unique" : false }, { "id" : "CVE-2024-57970", "title" : "libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-57970" ], "unique" : false }, { "id" : "CVE-2025-25724", "title" : "list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-25724" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-5914", "title" : "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-5914" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glib2@2.56.4-168.el8_10?arch=x86_64&distro=rhel-8.10&upstream=glib2-2.56.4-168.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false }, { "id" : "CVE-2024-52533", "title" : "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2024-52533" ], "unique" : false }, { "id" : "CVE-2023-32611", "title" : "G_variant_byteswap() can take a long time with some non-normal inputs", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32611" ], "unique" : false }, { "id" : "CVE-2023-32665", "title" : "Gvariant deserialisation does not match spec for non-normal data", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32665" ], "unique" : false }, { "id" : "CVE-2025-14512", "title" : "Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14512" ], "unique" : false }, { "id" : "CVE-2023-29499", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-29499" ], "unique" : false }, { "id" : "CVE-2025-14087", "title" : "Glib: glib: buffer underflow in gvariant parser leads to heap corruption", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14087" ], "unique" : false }, { "id" : "CVE-2025-4373", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4373" ], "unique" : false }, { "id" : "CVE-2024-34397", "source" : "redhat-csaf", "cvssScore" : 3.8, "severity" : "LOW", "cves" : [ "CVE-2024-34397" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-13601", "title" : "Glib: integer overflow in in g_escape_uri_string()", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-13601" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsolv@0.7.20-6.el8?arch=x86_64&distro=rhel-8.10&upstream=libsolv-0.7.20-6.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-33928", "title" : "Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-33928" ], "unique" : false }, { "id" : "CVE-2021-33929", "title" : "Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-33929" ], "unique" : false }, { "id" : "CVE-2021-33930", "title" : "Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-33930" ], "unique" : false }, { "id" : "CVE-2021-33938", "title" : "Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-33938" ], "unique" : false }, { "id" : "CVE-2021-46877", "title" : "jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46877" ], "unique" : false }, { "id" : "CVE-2024-28863", "title" : "node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28863" ], "unique" : false }, { "id" : "CVE-2021-44568", "title" : "Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-44568" ], "unique" : false }, { "id" : "CVE-2021-3200", "title" : "Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2021-3200" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-33928", "title" : "Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-33928" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/brotli@1.0.6-4.el8_10?arch=x86_64&distro=rhel-8.10&upstream=brotli-1.0.6-4.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6176", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6176" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6176", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-6176" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64&distro=rhel-8.10&upstream=gnutls-3.6.16-8.el8_10.5.src.rpm", "issues" : [ { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false }, { "id" : "CVE-2024-0553", "title" : "Gnutls: incomplete fix for cve-2023-5981", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0553" ], "unique" : false }, { "id" : "CVE-2024-0567", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0567" ], "unique" : false }, { "id" : "CVE-2023-0361", "title" : "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0361" ], "unique" : false }, { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2023-5981", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5981" ], "unique" : false }, { "id" : "CVE-2024-12243", "title" : "Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12243" ], "unique" : false }, { "id" : "CVE-2024-28834", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28834" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2024-28835", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28835" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64&distro=rhel-8.10&upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm", "issues" : [ { "id" : "CVE-2023-44487", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-44487" ], "unique" : false }, { "id" : "CVE-2026-27135", "title" : "nghttp2 Denial of service: Assertion failure due to the missing state validation", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-27135" ], "unique" : false }, { "id" : "CVE-2024-28182", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28182" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-44487", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-44487" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=openldap-2.4.46-21.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsmartcols@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64&distro=rhel-8.10&upstream=libgcrypt-1.8.5-7.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64&distro=rhel-8.10&upstream=systemd-239-82.el8_10.15.src.rpm", "issues" : [ { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false }, { "id" : "CVE-2022-3821", "title" : "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3821" ], "unique" : false }, { "id" : "CVE-2022-4415", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4415" ], "unique" : false }, { "id" : "CVE-2022-45873", "title" : "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-45873" ], "unique" : false }, { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/file-libs@5.33-27.el8_10?arch=x86_64&distro=rhel-8.10&upstream=file-5.33-27.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-48554", "title" : "File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: \"File\" is the name of an Open Source project.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-48554" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-48554", "title" : "File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: \"File\" is the name of an Open Source project.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-48554" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64&distro=rhel-8.10&epoch=2&upstream=tar-1.30-11.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-45582", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-45582" ], "unique" : false }, { "id" : "CVE-2022-48303", "title" : "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-48303" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=lz4-1.8.3-5.el8_10.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch&distro=rhel-8.10&upstream=rootfiles-8.1-22.el8.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libsemanage-2.9-12.el8_10.src.rpm", "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64&distro=rhel-8.10&epoch=2&upstream=shadow-utils-4.6-23.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-4641", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4641" ], "unique" : false }, { "id" : "CVE-2024-56433", "title" : "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "source" : "redhat-csaf", "cvssScore" : 3.6, "severity" : "LOW", "cves" : [ "CVE-2024-56433" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } } ] } } } }, "licenses" : [ { "status" : { "ok" : false, "name" : "deps.dev", "code" : 400, "message" : "Bad Request: invalid purl \"pkg:maven/io.github.stuartwdouglas.hacbstest.Main/hacbs-test\" at request index 25", "warnings" : { } }, "summary" : { "total" : 1, "concluded" : 119, "permissive" : 1, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 0, "deprecated" : 0, "osiApproved" : 1, "fsfLibre" : 1 }, "packages" : { "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64&distro=rhel-8.10&upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit@0.23.22-2.el8?arch=x86_64&distro=rhel-8.10&upstream=p11-kit-0.23.22-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libxcrypt@4.1.1-6.el8?arch=x86_64&distro=rhel-8.10&upstream=libxcrypt-4.1.1-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/sed@4.5-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sed-4.5-5.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/filesystem@3.8-6.el8?arch=x86_64&distro=rhel-8.10&upstream=filesystem-3.8-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsolv@0.7.20-6.el8?arch=x86_64&distro=rhel-8.10&upstream=libsolv-0.7.20-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libsemanage-2.9-12.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/nettle@3.4.1-7.el8?arch=x86_64&distro=rhel-8.10&upstream=nettle-3.4.1-7.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libverto@0.3.2-2.el8?arch=x86_64&distro=rhel-8.10&upstream=libverto-0.3.2-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gdbm-libs@1.18-2.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gdbm-1.18-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libunistring@0.9.9-3.el8?arch=x86_64&distro=rhel-8.10&upstream=libunistring-0.9.9-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/platform-python@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64&distro=rhel-8.10&epoch=2&upstream=shadow-utils-4.6-23.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/json-c@0.13.1-3.el8?arch=x86_64&distro=rhel-8.10&upstream=json-c-0.13.1-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libyaml@0.1.7-5.el8?arch=x86_64&distro=rhel-8.10&upstream=libyaml-0.1.7-5.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libksba@1.3.5-9.el8_7?arch=x86_64&distro=rhel-8.10&upstream=libksba-1.3.5-9.el8_7.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/file-libs@5.33-27.el8_10?arch=x86_64&distro=rhel-8.10&upstream=file-5.33-27.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpgme@1.13.1-12.el8?arch=x86_64&distro=rhel-8.10&upstream=gpgme-1.13.1-12.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libacl@2.2.53-3.el8?arch=x86_64&distro=rhel-8.10&upstream=acl-2.2.53-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libmodulemd@2.13.0-1.el8?arch=x86_64&distro=rhel-8.10&upstream=libmodulemd-2.13.0-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpg-pubkey@fd431d51-4ae0493b?distro=rhel-9.2" : { "evidence" : [ ] }, "pkg:rpm/redhat/p11-kit-trust@0.23.22-2.el8?arch=x86_64&distro=rhel-8.10&upstream=p11-kit-0.23.22-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libzstd@1.4.4-1.el8?arch=x86_64&distro=rhel-8.10&upstream=zstd-1.4.4-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtirpc-1.1.4-12.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch&distro=rhel-8.10&upstream=python-pip-9.0.3-24.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/langpacks-en@1.0-12.el8?arch=noarch&distro=rhel-8.10&upstream=langpacks-1.0-12.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/keyutils-libs@1.5.10-9.el8?arch=x86_64&distro=rhel-8.10&upstream=keyutils-1.5.10-9.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64&distro=rhel-8.10&upstream=gnutls-3.6.16-8.el8_10.5.src.rpm" : { "evidence" : [ ] }, "pkg:github/beatlabs/delete-old-branches-action@v0.0.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/findutils@4.6.0-24.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=findutils-4.6.0-24.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libattr@2.4.48-3.el8?arch=x86_64&distro=rhel-8.10&upstream=attr-2.4.48-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/npth@1.5-4.el8?arch=x86_64&distro=rhel-8.10&upstream=npth-1.5-4.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/librepo@1.14.2-5.el8?arch=x86_64&distro=rhel-8.10&upstream=librepo-1.14.2-5.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/dbus-libs@1.12.8-27.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=dbus-1.12.8-27.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glib2@2.56.4-168.el8_10?arch=x86_64&distro=rhel-8.10&upstream=glib2-2.56.4-168.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/chkconfig@1.19.2-1.el8?arch=x86_64&distro=rhel-8.10&upstream=chkconfig-1.19.2-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64&distro=rhel-8.10&epoch=2&upstream=tar-1.30-11.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libdb@5.3.28-42.el8_4?arch=x86_64&distro=rhel-8.10&upstream=libdb-5.3.28-42.el8_4.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch&distro=rhel-8.10&upstream=libssh-0.9.6-16.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/platform-python-setuptools@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/librhsm@0.0.3-5.el8?arch=x86_64&distro=rhel-8.10&upstream=librhsm-0.0.3-5.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/publicsuffix-list-dafsa@20180723-1.el8?arch=noarch&distro=rhel-8.10&upstream=publicsuffix-list-20180723-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gpg-pubkey@d4082792-5b32db75?distro=rhel-8.10" : { "evidence" : [ ] }, "pkg:rpm/redhat/readline@7.0-10.el8?arch=x86_64&distro=rhel-8.10&upstream=readline-7.0-10.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libdnf@0.63.0-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libdnf-0.63.0-21.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libusbx@1.0.23-4.el8?arch=x86_64&distro=rhel-8.10&upstream=libusbx-1.0.23-4.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsigsegv@2.11-5.el8?arch=x86_64&distro=rhel-8.10&upstream=libsigsegv-2.11-5.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ca-certificates@2025.2.80_v9.0.304-80.2.el8_10?arch=noarch&distro=rhel-8.10&upstream=ca-certificates-2025.2.80_v9.0.304-80.2.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gawk@4.2.1-4.el8?arch=x86_64&distro=rhel-8.10&upstream=gawk-4.2.1-4.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libnsl2@1.2.0-2.20180605git4a062cf.el8?arch=x86_64&distro=rhel-8.10&upstream=libnsl2-1.2.0-2.20180605git4a062cf.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/brotli@1.0.6-4.el8_10?arch=x86_64&distro=rhel-8.10&upstream=brotli-1.0.6-4.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/crypto-policies-scripts@20230731-1.git3177e06.el8?arch=noarch&distro=rhel-8.10&upstream=crypto-policies-20230731-1.git3177e06.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsmartcols@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/basesystem@11-5.el8?arch=noarch&distro=rhel-8.10&upstream=basesystem-11-5.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/popt@1.18-1.el8?arch=x86_64&distro=rhel-8.10&upstream=popt-1.18-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libidn2@2.2.0-1.el8?arch=x86_64&distro=rhel-8.10&upstream=libidn2-2.2.0-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/setup@2.12.2-9.el8?arch=noarch&distro=rhel-8.10&upstream=setup-2.12.2-9.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/tzdata@2026a-1.el8?arch=noarch&distro=rhel-8.10&upstream=tzdata-2026a-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64&distro=rhel-8.10&upstream=systemd-239-82.el8_10.15.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64&distro=rhel-8.10&upstream=libxml2-2.9.7-21.el8_10.3.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/grep@3.1-6.el8?arch=x86_64&distro=rhel-8.10&upstream=grep-3.1-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/mpfr@3.1.6-1.el8?arch=x86_64&distro=rhel-8.10&upstream=mpfr-3.1.6-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/redhat-release@8.10-0.3.el8?arch=x86_64&distro=rhel-8.10&upstream=redhat-release-8.10-0.3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm" : { "evidence" : [ ] }, "pk 100 1002k 0 641k 100 360k 860k 483k --:--:-- --:--:-- --:--:-- 1344k g:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libassuan@2.5.1-3.el8?arch=x86_64&distro=rhel-8.10&upstream=libassuan-2.5.1-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/elfutils-libelf@0.190-2.el8?arch=x86_64&distro=rhel-8.10&upstream=elfutils-0.190-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64&distro=rhel-8.10&upstream=libgcrypt-1.8.5-7.el8_6.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/json-glib@1.4.4-1.el8?arch=x86_64&distro=rhel-8.10&upstream=json-glib-1.4.4-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gobject-introspection@1.56.1-1.el8?arch=x86_64&distro=rhel-8.10&upstream=gobject-introspection-1.56.1-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gnupg2-2.2.20-4.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libselinux@2.9-11.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libselinux-2.9-11.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libsepol@2.9-3.el8?arch=x86_64&distro=rhel-8.10&upstream=libsepol-2.9-3.el8.src.rpm" : { "evidence" : [ ] }, "pkg:github/actions/checkout@v4" : { "evidence" : [ ] }, "pkg:rpm/redhat/libgpg-error@1.31-1.el8?arch=x86_64&distro=rhel-8.10&upstream=libgpg-error-1.31-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch&distro=rhel-8.10&upstream=rootfiles-8.1-22.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=openldap-2.4.46-21.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/info@6.5-7.el8?arch=x86_64&distro=rhel-8.10&upstream=texinfo-6.5-7.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libdb-utils@5.3.28-42.el8_4?arch=x86_64&distro=rhel-8.10&upstream=libdb-5.3.28-42.el8_4.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libpsl@0.20.2-6.el8?arch=x86_64&distro=rhel-8.10&upstream=libpsl-0.20.2-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/coreutils-single@8.30-17.el8_10?arch=x86_64&distro=rhel-8.10&upstream=coreutils-8.30-17.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libcap-ng@0.7.11-1.el8?arch=x86_64&distro=rhel-8.10&upstream=libcap-ng-0.7.11-1.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/rpm@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/cyrus-sasl-lib@2.1.27-6.el8_5?arch=x86_64&distro=rhel-8.10&upstream=cyrus-sasl-2.1.27-6.el8_5.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/crypto-policies@20230731-1.git3177e06.el8?arch=noarch&distro=rhel-8.10&upstream=crypto-policies-20230731-1.git3177e06.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libffi@3.1-24.el8?arch=x86_64&distro=rhel-8.10&upstream=libffi-3.1-24.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/pcre@8.42-6.el8?arch=x86_64&distro=rhel-8.10&upstream=pcre-8.42-6.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/gdbm@1.18-2.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gdbm-1.18-2.el8.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/audit-libs@3.1.2-1.el8_10.1?arch=x86_64&distro=rhel-8.10&upstream=audit-3.1.2-1.el8_10.1.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=lz4-1.8.3-5.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:pypi/setuptools@39.2.0" : { "concluded" : { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" }, "evidence" : [ { "identifiers" : [ { "id" : "MIT", "name" : "MIT License", "isDeprecated" : false, "isOsiApproved" : true, "isFsfLibre" : true, "category" : "PERMISSIVE" } ], "expression" : "MIT", "name" : "MIT License", "category" : "PERMISSIVE", "source" : "deps.dev", "sourceUrl" : "https://api.deps.dev" } ] }, "pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64&distro=rhel-8.10&upstream=expat-2.5.0-1.el8_10.src.rpm" : { "evidence" : [ ] }, "pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm" : { "evidence" : [ ] } } } ] } pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv Attaching tpa-report-amd64.json to quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv@sha256:1f9c2afcd1335d6e969ddc78b60565f7f5207d8b2e581461d596e85cda2840a1 [retry] executing: oras attach --no-tty --format go-template=\{\{.digest\}\} --registry-config /tmp/auth/config.json --artifact-type application/vnd.redhat.tpa-report+json quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv@sha256:1f9c2afcd1335d6e969ddc78b60565f7f5207d8b2e581461d596e85cda2840a1 tpa-report-amd64.json:application/vnd.redhat.tpa-report+json pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/tpa-report-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found 6 critical vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-3596), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2024-3596), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-3596), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-32207), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-32207), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-40896, CVE-2025-49794, CVE-2025-49796), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-3596), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-15467), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-32207), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-32207), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-40896, CVE-2025-49794, CVE-2025-49796), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-3596)", "name": "rhtpa_critical_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 6 } }, { "msg": "Found 115 high vulnerabilities.", "metadata": { "details": { "description": "Source: osv-github. Affected dependencies: pkg:pypi/setuptools@39.2.0 [direct] (CVE-2024-6345, CVE-2022-40897); Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [direct] (CVE-2023-40217, CVE-2022-42919, CVE-2023-6597, CVE-2015-20107, CVE-2024-12718, CVE-2025-4517, CVE-2020-10735, CVE-2022-45061, CVE-2023-24329, CVE-2024-6232, CVE-2025-12084, CVE-2025-4138, CVE-2025-4435, CVE-2025-8194, CVE-2021-28861, CVE-2025-4330, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299, CVE-2026-4519), pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm [direct] (CVE-2023-2953), pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm [direct] (CVE-2026-21945, CVE-2025-64720, CVE-2025-65018), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-1473, CVE-2022-3358, CVE-2022-3602, CVE-2022-3786, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401, CVE-2023-5363, CVE-2023-0286, CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-42898, CVE-2023-39975, CVE-2024-26462, CVE-2024-37370, CVE-2020-17049), pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-setuptools-39.2.0-9.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-6345, CVE-2025-47273), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=xz-5.2.4-4.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-1271, CVE-2025-31115), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-40217, CVE-2022-42919, CVE-2023-6597, CVE-2015-20107, CVE-2024-12718, CVE-2025-4517, CVE-2020-10735, CVE-2022-45061, CVE-2023-24329, CVE-2024-6232, CVE-2025-12084, CVE-2025-4138, CVE-2025-4435, CVE-2025-8194, CVE-2021-28861, CVE-2025-4330, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299, CVE-2026-4519), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2025-6965, CVE-2023-7104, CVE-2025-3277), pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=expat-2.5.0-1.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-52425, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-8176), pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtirpc-1.1.4-12.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2021-46828), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-1473, CVE-2022-3358, CVE-2022-3602, CVE-2022-3786, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401, CVE-2023-5363, CVE-2023-0286, CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-42898, CVE-2023-39975, CVE-2024-26462, CVE-2024-37370, CVE-2020-17049), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-1473, CVE-2022-3358, CVE-2022-3602, CVE-2022-3786, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401, CVE-2023-5363, CVE-2023-0286, CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-42898, CVE-2023-39975, CVE-2024-26462, CVE-2024-37370, CVE-2020-17049), pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-setuptools-39.2.0-9.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-6345, CVE-2025-47273), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/javapackages-filesystem@5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6?arch=noarch\u0026distro=rhel-8.10\u0026upstream=javapackages-tools-5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-48734, CVE-2019-10086), pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=xz-5.2.4-4.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-1271, CVE-2025-31115), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-40217, CVE-2022-42919, CVE-2023-6597, CVE-2015-20107, CVE-2024-12718, CVE-2025-4517, CVE-2020-10735, CVE-2022-45061, CVE-2023-24329, CVE-2024-6232, CVE-2025-12084, CVE-2025-4138, CVE-2025-4435, CVE-2025-8194, CVE-2021-28861, CVE-2025-4330, CVE-2025-15366, CVE-2025-15367, CVE-2026-1299, CVE-2026-4519), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/cups-libs@2.2.6-67.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=cups-2.2.6-67.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-58060, CVE-2024-47175, CVE-2023-34241), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-6965, CVE-2023-7104, CVE-2025-3277), pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=expat-2.5.0-1.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-52425, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-8176), pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnutls-3.6.16-8.el8_10.5.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-2509, CVE-2024-0553, CVE-2024-0567, CVE-2023-0361), pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtirpc-1.1.4-12.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-46828), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/lua@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-44964), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-44964), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-1473, CVE-2022-3358, CVE-2022-3602, CVE-2022-3786, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401, CVE-2023-5363, CVE-2023-0286, CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-22576, CVE-2023-38545, CVE-2022-27775, CVE-2022-27782, CVE-2024-2398), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-22576, CVE-2023-38545, CVE-2025-15079, CVE-2022-27775, CVE-2022-27782, CVE-2024-2398), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-56171, CVE-2022-40304, CVE-2025-24928, CVE-2025-7425, CVE-2022-40303, CVE-2024-25062, CVE-2025-32415, CVE-2025-49795, CVE-2025-6021, CVE-2025-7424, CVE-2022-29824), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-42898, CVE-2023-39975, CVE-2024-26462, CVE-2024-37370, CVE-2020-17049), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=xz-5.2.4-4.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-1271, CVE-2025-31115), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-5318, CVE-2025-5987), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-5318, CVE-2025-5987), pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libarchive-3.3.3-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-5914, CVE-2026-4111, CVE-2026-4424, CVE-2026-5121), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-6965, CVE-2023-7104, CVE-2025-3277), pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-44487, CVE-2026-27135), pkg:rpm/redhat/brotli@1.0.6-4.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=brotli-1.0.6-4.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-6176), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-2953), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2021-44964), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-1473, CVE-2022-3358, CVE-2022-3602, CVE-2022-3786, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401, CVE-2023-5363, CVE-2023-0286, CVE-2024-12797, CVE-2025-69419), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-22576, CVE-2023-38545, CVE-2022-27775, CVE-2022-27782, CVE-2024-2398), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-22576, CVE-2023-38545, CVE-2025-15079, CVE-2022-27775, CVE-2022-27782, CVE-2024-2398), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-56171, CVE-2022-40304, CVE-2025-24928, CVE-2025-7425, CVE-2022-40303, CVE-2024-25062, CVE-2025-32415, CVE-2025-49795, CVE-2025-6021, CVE-2025-7424, CVE-2022-29824), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-42898, CVE-2023-39975, CVE-2024-26462, CVE-2024-37370, CVE-2020-17049), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=xz-5.2.4-4.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-1271, CVE-2025-31115), pkg:rpm/redhat/libksba@1.3.5-9.el8_7?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libksba-1.3.5-9.el8_7.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-3515, CVE-2022-47629), pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnupg2-2.2.20-4.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2026-24882, CVE-2025-68973), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-5318, CVE-2025-5987), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-5318, CVE-2025-5987), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libarchive-3.3.3-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-5914, CVE-2026-4111, CVE-2026-4424, CVE-2026-5121), pkg:rpm/redhat/glib2@2.56.4-168.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glib2-2.56.4-168.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-13601, CVE-2024-52533), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-6965, CVE-2023-7104, CVE-2025-3277), pkg:rpm/redhat/libsolv@0.7.20-6.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsolv-0.7.20-6.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-46877), pkg:rpm/redhat/brotli@1.0.6-4.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=brotli-1.0.6-4.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-6176), pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnutls-3.6.16-8.el8_10.5.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-2509, CVE-2024-0553, CVE-2024-0567, CVE-2023-0361), pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-44487, CVE-2026-27135), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-2953), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-44964), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=zlib-1.2.11-25.el8.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2018-25032, CVE-2022-37434), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2024-2961, CVE-2026-0861, CVE-2023-4911, CVE-2024-33599, CVE-2025-4802), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-2603), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-29491, CVE-2025-69720), pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=pcre2-10.32-3.el8_6.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2022-1586, CVE-2022-1587)", "name": "rhtpa_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 115 } }, { "msg": "Found 178 medium vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [direct] (CVE-2024-6923, CVE-2025-0938, CVE-2025-13836, CVE-2024-9287, CVE-2024-0450, CVE-2007-4559, CVE-2023-27043, CVE-2024-8088, CVE-2024-0397, CVE-2024-7592, CVE-2026-0865, CVE-2025-6069, CVE-2025-8291, CVE-2025-6075), pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm [direct] (CVE-2026-21933, CVE-2026-21925), pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm [direct] (CVE-2021-35938, CVE-2021-35939, CVE-2021-35937), pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm [direct] (CVE-2025-45582, CVE-2022-48303), pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm [direct] (CVE-2023-4641), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-1292, CVE-2022-2068, CVE-2023-2650, CVE-2023-6129, CVE-2025-69421, CVE-2025-11187, CVE-2020-1971, CVE-2022-4304, CVE-2023-0464, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2024-4741, CVE-2025-9230, CVE-2024-0727, CVE-2025-15469, CVE-2026-22795, CVE-2022-1343, CVE-2022-2097, CVE-2023-0465, CVE-2023-0466, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-4603, CVE-2023-1255, CVE-2022-4203, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-36054, CVE-2024-37371, CVE-2025-24528, CVE-2024-26458, CVE-2024-26461, CVE-2025-3576), pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-setuptools-39.2.0-9.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-40897), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-6923, CVE-2025-0938, CVE-2025-13836, CVE-2024-9287, CVE-2024-0450, CVE-2007-4559, CVE-2023-27043, CVE-2024-8088, CVE-2024-0397, CVE-2024-7592, CVE-2026-0865, CVE-2025-6069, CVE-2025-8291, CVE-2025-6075), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-35737), pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=expat-2.5.0-1.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-45492, CVE-2024-50602, CVE-2025-59375), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=gmp-6.1.2-11.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2021-43618), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtasn1-4.13-5.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2021-46848, CVE-2024-12133), pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2022-1304), pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-pip-9.0.3-24.el8.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2007-4559), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2019-12900), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-1292, CVE-2022-2068, CVE-2023-2650, CVE-2023-6129, CVE-2025-69421, CVE-2025-11187, CVE-2020-1971, CVE-2022-4304, CVE-2023-0464, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2024-4741, CVE-2025-9230, CVE-2024-0727, CVE-2025-15469, CVE-2026-22795, CVE-2022-1343, CVE-2022-2097, CVE-2023-0465, CVE-2023-0466, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-4603, CVE-2023-1255, CVE-2022-4203, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-36054, CVE-2024-37371, CVE-2025-24528, CVE-2024-26458, CVE-2024-26461, CVE-2025-3576), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=gmp-6.1.2-11.el8.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2021-43618), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtasn1-4.13-5.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2021-46848, CVE-2024-12133), pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2022-1304), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-1292, CVE-2022-2068, CVE-2023-2650, CVE-2023-6129, CVE-2025-69421, CVE-2025-11187, CVE-2020-1971, CVE-2022-4304, CVE-2023-0464, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2024-4741, CVE-2025-9230, CVE-2024-0727, CVE-2025-15469, CVE-2026-22795, CVE-2022-1343, CVE-2022-2097, CVE-2023-0465, CVE-2023-0466, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-4603, CVE-2023-1255, CVE-2022-4203, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-36054, CVE-2024-37371, CVE-2025-24528, CVE-2024-26458, CVE-2024-26461, CVE-2025-3576), pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-setuptools-39.2.0-9.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-40897), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-6923, CVE-2025-0938, CVE-2025-13836, CVE-2024-9287, CVE-2024-0450, CVE-2007-4559, CVE-2023-27043, CVE-2024-8088, CVE-2024-0397, CVE-2024-7592, CVE-2026-0865, CVE-2025-6069, CVE-2025-8291, CVE-2025-6075), pkg:rpm/redhat/cups-libs@2.2.6-67.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=cups-2.2.6-67.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-26691, CVE-2023-32360, CVE-2025-58364, CVE-2023-32324, CVE-2025-58436, CVE-2024-35235), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-35737), pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=expat-2.5.0-1.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-45492, CVE-2024-50602, CVE-2025-59375), pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnutls-3.6.16-8.el8_10.5.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-32988, CVE-2025-32990, CVE-2025-6395, CVE-2023-5981, CVE-2024-12243, CVE-2024-28834, CVE-2025-14831, CVE-2025-32989, CVE-2024-28835, CVE-2025-9820), pkg:rpm/redhat/lua@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-33099, CVE-2022-28805, CVE-2021-43519), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-33099, CVE-2022-28805, CVE-2021-43519), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/dbus-libs@1.12.8-27.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=dbus-1.12.8-27.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2023-34969), pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=gmp-6.1.2-11.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-43618), pkg:rpm/redhat/avahi-libs@0.7-27.el8_10.1?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=avahi-0.7-27.el8_10.1.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-3468, CVE-2023-1981, CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473, CVE-2021-3502, CVE-2024-52615, CVE-2024-52616), pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-14104, CVE-2026-27456), pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=systemd-239-82.el8_10.15.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-7008, CVE-2022-3821, CVE-2022-4415, CVE-2022-45873, CVE-2025-4598), pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtasn1-4.13-5.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2021-46848, CVE-2024-12133), pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libgcrypt-1.8.5-7.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-2236), pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2022-1304), pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=python-pip-9.0.3-24.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2007-4559), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2019-12900), pkg:rpm/redhat/alsa-lib@1.2.10-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=alsa-lib-1.2.10-2.el8.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2026-25068), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-1292, CVE-2022-2068, CVE-2023-2650, CVE-2023-6129, CVE-2025-69421, CVE-2025-11187, CVE-2020-1971, CVE-2022-4304, CVE-2023-0464, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2024-4741, CVE-2025-9230, CVE-2024-0727, CVE-2025-15469, CVE-2026-22795, CVE-2022-1343, CVE-2022-2097, CVE-2023-0465, CVE-2023-0466, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-4603, CVE-2023-1255, CVE-2022-4203, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-32206, CVE-2023-23916, CVE-2022-43552, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-27538, CVE-2022-32208, CVE-2023-46218, CVE-2025-9086, CVE-2022-27774, CVE-2022-32221, CVE-2022-27776, CVE-2023-27533), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-13034, CVE-2025-14819, CVE-2026-1965, CVE-2022-32206, CVE-2023-23916, CVE-2025-14524, CVE-2026-3784, CVE-2026-3805, CVE-2022-43552, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2025-10966, CVE-2026-3783, CVE-2023-27538, CVE-2022-32208, CVE-2023-46218, CVE-2025-9086, CVE-2022-27774, CVE-2022-32221, CVE-2025-10148, CVE-2025-14017, CVE-2025-15224, CVE-2022-27776, CVE-2023-27533), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-39615, CVE-2025-9714, CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2025-32414), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-36054, CVE-2024-37371, CVE-2025-24528, CVE-2024-26458, CVE-2024-26461, CVE-2025-3576), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-48795, CVE-2023-2283, CVE-2023-6004, CVE-2023-1667), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-48795, CVE-2023-2283, CVE-2023-6004, CVE-2023-1667), pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libarchive-3.3.3-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-26280, CVE-2022-36227, CVE-2024-57970, CVE-2025-25724), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-35737), pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-28182), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-33099, CVE-2022-28805, CVE-2021-43519), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2021-35938, CVE-2021-35939, CVE-2021-35937), pkg:rpm/redhat/rpm@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2021-35938, CVE-2021-35939, CVE-2021-35937), pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=gmp-6.1.2-11.el8.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2021-43618), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtasn1-4.13-5.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2021-46848, CVE-2024-12133), pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2022-1304), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2019-12900), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-1292, CVE-2022-2068, CVE-2023-2650, CVE-2023-6129, CVE-2025-69421, CVE-2025-11187, CVE-2020-1971, CVE-2022-4304, CVE-2023-0464, CVE-2023-6237, CVE-2024-5535, CVE-2024-6119, CVE-2025-15468, CVE-2025-66199, CVE-2025-69420, CVE-2026-22796, CVE-2024-4741, CVE-2025-9230, CVE-2024-0727, CVE-2025-15469, CVE-2026-22795, CVE-2022-1343, CVE-2022-2097, CVE-2023-0465, CVE-2023-0466, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-4603, CVE-2023-1255, CVE-2022-4203, CVE-2025-68160, CVE-2025-69418), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-32206, CVE-2023-23916, CVE-2022-43552, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-27538, CVE-2022-32208, CVE-2023-46218, CVE-2025-9086, CVE-2022-27774, CVE-2022-32221, CVE-2022-27776, CVE-2023-27533), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-13034, CVE-2025-14819, CVE-2026-1965, CVE-2022-32206, CVE-2023-23916, CVE-2025-14524, CVE-2026-3784, CVE-2026-3805, CVE-2022-43552, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2025-10966, CVE-2026-3783, CVE-2023-27538, CVE-2022-32208, CVE-2023-46218, CVE-2025-9086, CVE-2022-27774, CVE-2022-32221, CVE-2025-10148, CVE-2025-14017, CVE-2025-15224, CVE-2022-27776, CVE-2023-27533), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-39615, CVE-2025-9714, CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2025-32414), pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=krb5-1.18.2-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-36054, CVE-2024-37371, CVE-2025-24528, CVE-2024-26458, CVE-2024-26461, CVE-2025-3576), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnupg2-2.2.20-4.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-34903), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-48795, CVE-2023-2283, CVE-2023-6004, CVE-2023-1667), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-48795, CVE-2023-2283, CVE-2023-6004, CVE-2023-1667), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/libarchive@3.3.3-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libarchive-3.3.3-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-26280, CVE-2022-36227, CVE-2024-57970, CVE-2025-25724), pkg:rpm/redhat/glib2@2.56.4-168.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glib2-2.56.4-168.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-32611, CVE-2023-32665, CVE-2025-14512, CVE-2023-29499, CVE-2025-14087, CVE-2025-4373), pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=sqlite-3.26.0-20.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-35737), pkg:rpm/redhat/libsolv@0.7.20-6.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsolv-0.7.20-6.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-28863, CVE-2021-44568), pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gnutls-3.6.16-8.el8_10.5.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-32988, CVE-2025-32990, CVE-2025-6395, CVE-2023-5981, CVE-2024-12243, CVE-2024-28834, CVE-2025-14831, CVE-2025-32989, CVE-2024-28835, CVE-2025-9820), pkg:rpm/redhat/libnghttp2@1.33.0-6.el8_10.2?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=nghttp2-1.33.0-6.el8_10.2.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-28182), pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lua-5.3.4-12.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-33099, CVE-2022-28805, CVE-2021-43519), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-35938, CVE-2021-35939, CVE-2021-35937), pkg:rpm/redhat/rpm@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-35938, CVE-2021-35939, CVE-2021-35937), pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=gmp-6.1.2-11.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-43618), pkg:rpm/redhat/libsmartcols@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-14104), pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=util-linux-2.32.1-48.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-14104, CVE-2026-27456), pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libtasn1-4.13-5.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-46848, CVE-2024-12133), pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libgcrypt-1.8.5-7.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-2236), pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=systemd-239-82.el8_10.15.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-7008, CVE-2022-3821, CVE-2022-4415, CVE-2022-45873, CVE-2025-4598), pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-1304), pkg:rpm/redhat/file-libs@5.33-27.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=file-5.33-27.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2022-48554), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2019-12900), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/tar@1.30-11.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=tar-1.30-11.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/lz4-libs@1.8.3-5.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=lz4-1.8.3-5.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/rootfiles@8.1-22.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=rootfiles-8.1-22.el8.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/libsemanage@2.9-12.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsemanage-2.9-12.el8_10.src.rpm] (CVE-2019-12900), pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-15281, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glibc-2.28-251.el8_10.31.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2025-5702, CVE-2025-0395, CVE-2024-33600, CVE-2026-0915, CVE-2025-8058, CVE-2024-33601, CVE-2024-33602), pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=ncurses-6.1-10.20180224.el8.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2022-29458), pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bash-4.4.20-6.el8_10.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2022-3715), pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=gcc-8.5.0-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2020-11023), pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=bzip2-1.0.6-28.el8_10.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2019-12900)", "name": "rhtpa_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 178 } }, { "msg": "Found 14 low vulnerabilities.", "metadata": { "details": { "description": "Source: redhat-csaf. Affected dependencies: pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [direct] (CVE-2024-11168, CVE-2024-4032, CVE-2024-5642), pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm [direct] (CVE-2024-56433), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-2511), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2024-11168, CVE-2024-4032, CVE-2024-5642), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm] (CVE-2023-2602), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2024-2511), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=openldap-2.4.46-21.el8_10.src.rpm] (CVE-2023-2602), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-2511), pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=python3-3.6.8-75.el8_10.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2024-11168, CVE-2024-4032, CVE-2024-5642), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm] (CVE-2023-2602), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2024-2511), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-27534, CVE-2023-28322, CVE-2023-38546, CVE-2022-35252), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-27534, CVE-2023-28322, CVE-2023-38546, CVE-2022-35252), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2025-6170), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-6918), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-6918), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=rpm-4.14.3-32.el8_10.src.rpm] (CVE-2023-2602), pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=1\u0026upstream=openssl-1.1.1k-15.el8_6.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-2511), pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-27534, CVE-2023-28322, CVE-2023-38546, CVE-2022-35252), pkg:rpm/redhat/curl@7.61.1-34.el8_10.11?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=curl-7.61.1-34.el8_10.11.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-27534, CVE-2023-28322, CVE-2023-38546, CVE-2022-35252), pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.3?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libxml2-2.9.7-21.el8_10.3.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2025-6170), pkg:rpm/redhat/libssh-config@0.9.6-16.el8_10?arch=noarch\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-6918), pkg:rpm/redhat/libssh@0.9.6-16.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libssh-0.9.6-16.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-6918), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2023-2602), pkg:rpm/redhat/glib2@2.56.4-168.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=glib2-2.56.4-168.el8_10.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2024-34397), pkg:rpm/redhat/libsolv@0.7.20-6.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libsolv-0.7.20-6.el8.src.rpm [transitive via pkg:rpm/redhat/microdnf@3.8.0-2.el8?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=microdnf-3.8.0-2.el8.src.rpm] (CVE-2021-3200), pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64\u0026distro=rhel-8.10\u0026upstream=libcap-2.48-6.el8_9.src.rpm [transitive via pkg:rpm/redhat/shadow-utils@4.6-23.el8_10?arch=x86_64\u0026distro=rhel-8.10\u0026epoch=2\u0026upstream=shadow-utils-4.6-23.el8_10.src.rpm] (CVE-2023-2602)", "name": "rhtpa_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 14 } } ] } ] {"vulnerabilities":{"critical":6,"high":115,"medium":178,"low":14,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv:on-pr-d7e89c78f26f798f59b7f9ebb0aec5ddd78095b1", "digests": ["sha256:1f9c2afcd1335d6e969ddc78b60565f7f5207d8b2e581461d596e85cda2840a1"]}} {"result":"SUCCESS","timestamp":"2026-04-20T19:22:19+00:00","note":"Task tpa-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by TPA.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg-init-pod | init container: prepare 2026/04/20 19:14:52 Entrypoint initialization pod: test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg-init-pod | container step-init: time="2026-04-20T19:15:08Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:15:08Z" level=info msg="[param] enable: false" time="2026-04-20T19:15:08Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:15:08Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:15:08Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:15:08Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:15:08Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:15:08Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:15:08Z" level=info msg="[result] NO PROXY: " [FAILED] Expected success, but got an error: <*errors.errorString | 0xc0003bf9a0>: unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv { s: "unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:231 @ 04/20/26 19:31:33.646 < Exit [It] should lead to build PipelineRun finishing successfully - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:229 @ 04/20/26 19:31:33.646 (16m41.009s) > Enter [AfterAll] Forgejo with status reporting of Integration tests in the associated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:105 @ 04/20/26 19:31:33.647 < Exit [AfterAll] Forgejo with status reporting of Integration tests in the associated merge request - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:105 @ 04/20/26 19:31:38.009 (4.362s) > Enter [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:31:38.009 < Exit [AfterEach] [integration-service-suite Forgejo Status Reporting of Integration tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:41 @ 04/20/26 19:31:38.266 (257ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:234 @ 04/20/26 19:31:38.275 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:254 @ 04/20/26 19:31:38.275 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:261 @ 04/20/26 19:31:38.276 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:265 @ 04/20/26 19:31:38.276 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:270 @ 04/20/26 19:31:38.276 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:276 @ 04/20/26 19:31:38.276 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:285 @ 04/20/26 19:31:38.276 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:290 @ 04/20/26 19:31:38.277 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:296 @ 04/20/26 19:31:38.277 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:325 @ 04/20/26 19:31:38.277 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:340 @ 04/20/26 19:31:38.277 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:357 @ 04/20/26 19:31:38.277 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:362 @ 04/20/26 19:31:38.278 [FAILED] Unexpected error: <context.deadlineExceededError>: context deadline exceeded {} occurred In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:87 @ 04/20/26 19:34:41.008 > Enter [BeforeAll] with happy path for general flow of Integration service - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:52 @ 04/20/26 19:14:00.664 Image repository for component test-component-pac-eyzzms in namespace integration1-hpfx do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] with happy path for general flow of Integration service - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:52 @ 04/20/26 19:14:40.999 (40.335s) > Enter [It] triggers a build PipelineRun - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:85 @ 04/20/26 19:14:40.999 no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx) [FAILED] Unexpected error: <context.deadlineExceededError>: context deadline exceeded {} occurred In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:87 @ 04/20/26 19:34:41.008 < Exit [It] triggers a build PipelineRun - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:85 @ 04/20/26 19:34:41.008 (20m0.009s) > Enter [AfterAll] with happy path for general flow of Integration service - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:68 @ 04/20/26 19:34:41.009 < Exit [AfterAll] with happy path for general flow of Integration service - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:68 @ 04/20/26 19:34:41.761 (752ms) > Enter [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:49 @ 04/20/26 19:34:41.761 < Exit [AfterEach] [integration-service-suite Integration Service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:49 @ 04/20/26 19:34:41.939 (179ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:90 @ 04/20/26 19:34:41.94 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:101 @ 04/20/26 19:34:41.941 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:107 @ 04/20/26 19:34:41.941 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:128 @ 04/20/26 19:34:41.941 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:132 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:137 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:141 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:154 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:158 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:173 @ 04/20/26 19:34:41.942 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:183 @ 04/20/26 19:34:41.943 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:188 @ 04/20/26 19:34:41.943 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:198 @ 04/20/26 19:34:41.943 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:205 @ 04/20/26 19:34:41.943 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:218 @ 04/20/26 19:34:41.943 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:222 @ 04/20/26 19:34:41.944 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:266 @ 04/20/26 19:34:41.944 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:273 @ 04/20/26 19:34:41.944 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:292 @ 04/20/26 19:34:41.944 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:296 @ 04/20/26 19:34:41.944 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:301 @ 04/20/26 19:34:41.945 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:305 @ 04/20/26 19:34:41.945 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:309 @ 04/20/26 19:34:41.945 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:324 @ 04/20/26 19:34:41.945 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:334 @ 04/20/26 19:34:41.945 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:340 @ 04/20/26 19:34:41.946 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:344 @ 04/20/26 19:34:41.946 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:349 @ 04/20/26 19:34:41.946 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:358 @ 04/20/26 19:34:41.946 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:364 @ 04/20/26 19:34:41.946 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:378 @ 04/20/26 19:34:41.947 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:382 @ 04/20/26 19:34:41.947 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:399 @ 04/20/26 19:34:41.947 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:406 @ 04/20/26 19:34:41.947 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:413 @ 04/20/26 19:34:41.947 > Enter [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:00.66 < Exit [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:43.396 (42.736s) > Enter [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:14:43.396 Image repository for component gl-test-custom-default-omaknf in namespace build-e2e-lvjp do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-test-custom-default-omaknf in namespace build-e2e-lvjp do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:15:03.5 (20.104s) > Enter [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:15:03.5 < Exit [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:16:00.459 (56.959s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:00.459 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:00.459 (0s) > Enter [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:16:00.46 < Exit [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:16:00.476 (16ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:00.476 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:00.476 (0s) > Enter [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:16:00.476 PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn < Exit [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:16:20.502 (20.026s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.503 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.503 (0s) > Enter [It] build pipeline uses the correct serviceAccount - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:191 @ 04/20/26 19:16:20.503 < Exit [It] build pipeline uses the correct serviceAccount - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:191 @ 04/20/26 19:16:20.503 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.503 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.503 (0s) > Enter [It] component build status is set correctly - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:195 @ 04/20/26 19:16:20.504 build status annotation value: {"pac":{"state":"enabled","merge-url":"https://gitlab.com/konflux-qe/devfile-sample-hello-world-ozjtpc/-/merge_requests/1","configuration-time":"Mon, 20 Apr 2026 19:15:58 UTC"},"message":"done"} state: enabled mergeUrl: https://gitlab.com/konflux-qe/devfile-sample-hello-world-ozjtpc/-/merge_requests/1 errId: 0 errMessage: configurationTime: Mon, 20 Apr 2026 19:15:58 UTC < Exit [It] component build status is set correctly - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:195 @ 04/20/26 19:16:20.511 (7ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.511 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:20.511 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:225 @ 04/20/26 19:16:20.511 < Exit [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:225 @ 04/20/26 19:16:21.504 (993ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:21.505 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:21.505 (0s) > Enter [It] created image repo is private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:243 @ 04/20/26 19:16:21.505 < Exit [It] created image repo is private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:243 @ 04/20/26 19:16:22.417 (912ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:22.418 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:22.418 (0s) > Enter [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:249 @ 04/20/26 19:16:22.418 < Exit [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:249 @ 04/20/26 19:16:52.487 (30.069s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:52.487 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:52.488 (0s) > Enter [It] PR branch should not exist in the repo - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:265 @ 04/20/26 19:16:52.488 < Exit [It] PR branch should not exist in the repo - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:265 @ 04/20/26 19:16:53.831 (1.343s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:53.831 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:53.831 (0s) > Enter [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:278 @ 04/20/26 19:16:53.832 < Exit [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:278 @ 04/20/26 19:16:54.714 (882ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:54.714 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:54.715 (0s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:306 @ 04/20/26 19:16:54.715 < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:306 @ 04/20/26 19:17:04.744 (10.029s) > Enter [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:332 @ 04/20/26 19:17:04.744 PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn < Exit [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:332 @ 04/20/26 19:18:04.804 (1m0.06s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:18:04.804 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:18:04.804 (0s) > Enter [It] should lead to a PaC init PR creation - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:347 @ 04/20/26 19:18:04.805 < Exit [It] should lead to a PaC init PR creation - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:347 @ 04/20/26 19:18:05.08 (275ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:18:05.08 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:18:05.08 (0s) > Enter [It] the PipelineRun should eventually finish successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:365 @ 04/20/26 19:18:05.081 PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k found for Component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k reason: Failed attempt 1/3: PipelineRun "gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k" failed: pod: gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k-init-pod | init container: prepare 2026/04/20 19:17:52 Entrypoint initialization pod: gl-test-custom-branch-jcwtxn-on-pull-request-t9p9k-init-pod | container step-init: time="2026-04-20T19:17:55Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:17:55Z" level=info msg="[param] enable: false" time="2026-04-20T19:17:55Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:17:55Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:17:55Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:17:55Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:17:55Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:17:55Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:17:55Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 found after retrigger for component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 found for Component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-q5c82 reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:365 @ 04/20/26 19:27:36.261 (9m31.18s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:36.261 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:36.262 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:371 @ 04/20/26 19:27:36.262 < Exit [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:371 @ 04/20/26 19:27:37.458 (1.195s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:37.458 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:37.458 (0s) > Enter [It] created image repo is public - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:390 @ 04/20/26 19:27:37.459 < Exit [It] created image repo is public - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:390 @ 04/20/26 19:27:37.733 (275ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:37.734 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:37.734 (0s) > Enter [It] image tag is updated successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:396 @ 04/20/26 19:27:37.734 Image tag quay.io/redhat-appstudio-qe/build-e2e-lvjp/gl-test-custom-branch-jcwtxn:on-pr-4893c73e4d9e04a2f505df1adfa32b3f0d26cb76 successfully found in Quay < Exit [It] image tag is updated successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:396 @ 04/20/26 19:27:38.116 (382ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:38.116 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:38.116 (0s) > Enter [It] should ensure pruning labels are set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:425 @ 04/20/26 19:27:38.117 < Exit [It] should ensure pruning labels are set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:425 @ 04/20/26 19:27:38.606 (489ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:38.606 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:38.606 (0s) > Enter [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:439 @ 04/20/26 19:27:38.607 < Exit [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:439 @ 04/20/26 19:27:39.007 (401ms) > Enter [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:324 @ 04/20/26 19:27:39.008 < Exit [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:324 @ 04/20/26 19:27:39.126 (119ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:39.127 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:39.127 (0s) > Enter [BeforeAll] when the PaC init branch is updated - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:454 @ 04/20/26 19:27:39.128 created file sha: 8786917755e0b8d0616c879eec15fe36b8ea152a < Exit [BeforeAll] when the PaC init branch is updated - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:454 @ 04/20/26 19:27:40.37 (1.242s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:464 @ 04/20/26 19:27:40.37 PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:464 @ 04/20/26 19:28:00.408 (20.037s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:00.408 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:00.408 (0s) > Enter [It] should lead to a PaC init PR update - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:479 @ 04/20/26 19:28:00.409 < Exit [It] should lead to a PaC init PR update - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:479 @ 04/20/26 19:28:00.609 (200ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:00.609 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:00.609 (0s) > Enter [It] PipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:498 @ 04/20/26 19:28:00.61 PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk found for Component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-pull-request-nn8vk reason: Succeeded < Exit [It] PipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:498 @ 04/20/26 19:32:20.625 (4m20.015s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:20.625 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:20.625 (0s) > Enter [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:504 @ 04/20/26 19:32:20.625 < Exit [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:504 @ 04/20/26 19:32:20.971 (345ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:20.971 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:20.971 (0s) > Enter [BeforeAll] when the PaC init branch is merged - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:520 @ 04/20/26 19:32:20.971 merged result sha: ae0125589d19cf5f8f445cd7d29de64fa2f3638b < Exit [BeforeAll] when the PaC init branch is merged - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:520 @ 04/20/26 19:32:22.344 (1.373s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:530 @ 04/20/26 19:32:22.344 PipelineRun has not been created yet for the component build-e2e-lvjp/gl-test-custom-branch-jcwtxn < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:530 @ 04/20/26 19:32:42.37 (20.026s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:42.37 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:42.37 (0s) > Enter [It] pipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:546 @ 04/20/26 19:32:42.371 PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 found for Component build-e2e-lvjp/gl-test-custom-branch-jcwtxn PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Running PipelineRun gl-test-custom-branch-jcwtxn-on-push-phq97 reason: Succeeded < Exit [It] pipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:546 @ 04/20/26 19:37:02.387 (4m20.016s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:02.387 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:02.387 (0s) > Enter [It] does not have expiration set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:552 @ 04/20/26 19:37:02.388 < Exit [It] does not have expiration set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:552 @ 04/20/26 19:37:02.767 (380ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:02.768 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:02.768 (0s) > Enter [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:564 @ 04/20/26 19:37:02.769 waiting for one minute and expecting to not trigger a PipelineRun < Exit [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:564 @ 04/20/26 19:39:04.242 (2m1.473s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:04.242 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:04.242 (0s) > Enter [It] image repo is updated to private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:595 @ 04/20/26 19:39:04.242 < Exit [It] image repo is updated to private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:595 @ 04/20/26 19:39:04.649 (406ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:04.649 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:04.649 (0s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:650 @ 04/20/26 19:39:04.65 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:650 @ 04/20/26 19:39:08.361 (3.71s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:679 @ 04/20/26 19:39:08.361 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:679 @ 04/20/26 19:39:18.389 (10.028s) > Enter [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:715 @ 04/20/26 19:39:18.389 < Exit [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:715 @ 04/20/26 19:39:28.389 (10s) > Enter [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:697 @ 04/20/26 19:39:28.39 Found purge PR with id: 3 < Exit [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:697 @ 04/20/26 19:39:28.541 (151ms) > Enter [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:39:28.541 < Exit [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:39:31.747 (3.206s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:31.748 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:31.748 (0s) > Enter [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:00.66 < Exit [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:33.219 (32.559s) > Enter [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:14:33.219 Image repository for component fj-test-custom-default-jyiskv in namespace build-e2e-kpuj do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:14:53.294 (20.075s) > Enter [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:14:53.294 < Exit [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:15:51.904 (58.61s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:51.904 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:51.904 (0s) > Enter [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:15:51.905 < Exit [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:15:51.932 (28ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:51.933 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:51.933 (0s) > Enter [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:15:51.933 < Exit [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:16:11.966 (20.033s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.966 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.966 (0s) > Enter [It] build pipeline uses the correct serviceAccount - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:191 @ 04/20/26 19:16:11.967 < Exit [It] build pipeline uses the correct serviceAccount - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:191 @ 04/20/26 19:16:11.967 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.967 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.967 (0s) > Enter [It] component build status is set correctly - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:195 @ 04/20/26 19:16:11.968 build status annotation value: {"pac":{"state":"enabled","merge-url":"https://codeberg.org/konflux-qe/devfile-sample-hello-world-mgewvh/pulls/1","configuration-time":"Mon, 20 Apr 2026 19:15:49 UTC"},"message":"done"} state: enabled mergeUrl: https://codeberg.org/konflux-qe/devfile-sample-hello-world-mgewvh/pulls/1 errId: 0 errMessage: configurationTime: Mon, 20 Apr 2026 19:15:49 UTC < Exit [It] component build status is set correctly - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:195 @ 04/20/26 19:16:11.976 (8ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.976 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:11.976 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:225 @ 04/20/26 19:16:11.977 < Exit [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:225 @ 04/20/26 19:16:12.877 (900ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:12.877 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:12.877 (0s) > Enter [It] created image repo is private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:243 @ 04/20/26 19:16:12.878 < Exit [It] created image repo is private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:243 @ 04/20/26 19:16:13.164 (286ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:13.164 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:13.164 (0s) > Enter [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:249 @ 04/20/26 19:16:13.164 < Exit [It] a related PipelineRun should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:249 @ 04/20/26 19:16:27.262 (14.097s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:27.262 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:27.262 (0s) > Enter [It] PR branch should not exist in the repo - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:265 @ 04/20/26 19:16:27.262 < Exit [It] PR branch should not exist in the repo - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:265 @ 04/20/26 19:16:27.564 (302ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:27.564 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:27.564 (0s) > Enter [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:278 @ 04/20/26 19:16:27.565 < Exit [It] related image repo and the robot account should be deleted after deleting the component - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:278 @ 04/20/26 19:16:28.777 (1.212s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:28.777 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:16:28.777 (0s) > Enter [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:306 @ 04/20/26 19:16:28.778 < Exit [BeforeAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:306 @ 04/20/26 19:16:38.81 (10.032s) > Enter [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:332 @ 04/20/26 19:16:38.81 PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd < Exit [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:332 @ 04/20/26 19:17:58.882 (1m20.071s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:17:58.882 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:17:58.882 (0s) > Enter [It] should lead to a PaC init PR creation - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:347 @ 04/20/26 19:17:58.883 < Exit [It] should lead to a PaC init PR creation - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:347 @ 04/20/26 19:17:59.333 (450ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:17:59.334 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:17:59.334 (0s) > Enter [It] the PipelineRun should eventually finish successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:365 @ 04/20/26 19:17:59.334 PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 found for Component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: PipelineRunStopping PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: PipelineRunStopping PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: PipelineRunStopping PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-vll69 reason: Failed attempt 1/3: PipelineRun "fj-test-custom-branch-zywqqd-on-pull-request-vll69" failed: pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-init-pod | init container: prepare 2026/04/20 19:17:46 Entrypoint initialization pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-init-pod | container step-init: time="2026-04-20T19:17:48Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:17:48Z" level=info msg="[param] enable: false" time="2026-04-20T19:17:48Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:17:48Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:17:48Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:17:48Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:17:48Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:17:48Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:17:48Z" level=info msg="[result] NO PROXY: " pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-tpa-scan-pod | init container: prepare 2026/04/20 19:20:59 Entrypoint initialization pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-tpa-scan-pod | init container: place-scripts 2026/04/20 19:20:59 Decoded script /tekton/scripts/script-0-h8b7w 2026/04/20 19:20:59 Decoded script /tekton/scripts/script-1-xpmr4 2026/04/20 19:20:59 Decoded script /tekton/scripts/script-2-gff65 pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd@sha256:e39deddca0f115006a08f66cee66b88ff41b06a9d7e8ec44eeb025d0996f1553. Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd Selecting auth Using token for quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation <image uri>'. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 112k 0 0 100 112k 0 95561 0:00:01 0:00:01 --:--:-- 95561{ "scanned" : { "total" : 83, "direct" : 32, "transitive" : 51 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { } }, "sources" : { } } }, "licenses" : [ { "status" : { "ok" : true, "name" : "deps.dev", "code" : 200, "message" : "OK", "warnings" : { } }, "summary" : { "total" : 0, "concluded" : 61, "permissive" : 0, "weakCopyleft" : 0, "strongCopyleft" : 0, "unknown" : 0, "deprecated" : 0, "osiApproved" : 0, "fsfLibre" : 0 }, "packages" : { "pkg:apk/alpine/libmd@1.1.0-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libxdmcp@1.1.5-r1?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libssl3@3.5.5-r0?arch=x86_64&distro=alpine-3.23.3&upstream=openssl" : { "evidence" : [ ] }, "pkg:apk/alpine/libsm@1.2.6-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout-data@3.7.1-r8?arch=x86_64&distro=alpine-3.23.3&upstream=alpine-baselayout" : { "evidence" : [ ] }, "pkg:apk/alpine/zstd-libs@1.5.7-r2?arch=x86_64&distro=alpine-3.23.3&upstream=zstd" : { "evidence" : [ ] }, "pkg:apk/alpine/libbz2@1.0.8-r6?arch=x86_64&distro=alpine-3.23.3&upstream=bzip2" : { "evidence" : [ ] }, "pkg:oci/nginx@sha256%3Ab6f74d18d53ff23b0aa833041c9515de914f4c0e7498ffd566862033cd9b9289?repository_url=quay.io%2Fjitesoft%2Fnginx" : { "evidence" : [ ] }, "pkg:apk/alpine/libjpeg-turbo@3.1.2-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:generic/nginx@1.29.8" : { "evidence" : [ ] }, "pkg:apk/alpine/zlib@1.3.1-r2?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libstdc%2B%2B@15.2.0-r2?arch=x86_64&distro=alpine-3.23.3&upstream=gcc" : { "evidence" : [ ] }, "pkg:apk/alpine/libcrypto3@3.5.5-r0?arch=x86_64&distro=alpine-3.23.3&upstream=openssl" : { "evidence" : [ ] }, "pkg:apk/alpine/brotli-libs@1.2.0-r0?arch=x86_64&distro=alpine-3.23.3&upstream=brotli" : { "evidence" : [ ] }, "pkg:apk/alpine/libapk@3.0.3-r1?arch=x86_64&distro=alpine-3.23.3&upstream=apk-tools" : { "evidence" : [ ] }, "pkg:apk/alpine/scanelf@1.3.8-r2?arch=x86_64&distro=alpine-3.23.3&upstream=pax-utils" : { "evidence" : [ ] }, "pkg:apk/alpine/libice@1.1.2-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/pcre@8.45-r4?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libsharpyuv@1.6.0-r0?arch=x86_64&distro=alpine-3.23.3&upstream=libwebp" : { "evidence" : [ ] }, "pkg:apk/alpine/libxpm@3.5.17-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/.runtime-deps@20260407.201713?arch=noarch&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/gd@2.3.3-r10?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-keys@2.6-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libxml2@2.13.9-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libwebp@1.6.0-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libavif@1.3.0-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libdav1d@1.5.2-r0?arch=x86_64&distro=alpine-3.23.3&upstream=dav1d" : { "evidence" : [ ] }, "pkg:apk/alpine/xz-libs@5.8.2-r0?arch=x86_64&distro=alpine-3.23.3&upstream=xz" : { "evidence" : [ ] }, "pkg:a 100 120k 0 8007 100 112k 5172 74510 0:00:01 0:00:01 --:--:-- 79632 100 120k 0 8007 100 112k 5172 74510 0:00:01 0:00:01 --:--:-- 79632 pk/alpine/libxt@1.3.1-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates-bundle@20251003-r0?arch=x86_64&distro=alpine-3.23.3&upstream=ca-certificates" : { "evidence" : [ ] }, "pkg:apk/alpine/ca-certificates@20251003-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:oci/fj-test-custom-branch-zywqqd@sha256%3Ae39deddca0f115006a08f66cee66b88ff41b06a9d7e8ec44eeb025d0996f1553" : { "evidence" : [ ] }, "pkg:apk/alpine/libgd@2.3.3-r10?arch=x86_64&distro=alpine-3.23.3&upstream=gd" : { "evidence" : [ ] }, "pkg:apk/alpine/libx11@1.8.12-r1?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/ssl_client@1.37.0-r30?arch=x86_64&distro=alpine-3.23.3&upstream=busybox" : { "evidence" : [ ] }, "pkg:apk/alpine/libuuid@2.41.2-r0?arch=x86_64&distro=alpine-3.23.3&upstream=util-linux" : { "evidence" : [ ] }, "pkg:apk/alpine/libgcc@15.2.0-r2?arch=x86_64&distro=alpine-3.23.3&upstream=gcc" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox-binsh@1.37.0-r30?arch=x86_64&distro=alpine-3.23.3&upstream=busybox" : { "evidence" : [ ] }, "pkg:apk/alpine/fontconfig@2.17.1-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:github/actions/checkout@v4" : { "evidence" : [ ] }, "pkg:apk/alpine/libexpat@2.7.5-r0?arch=x86_64&distro=alpine-3.23.3&upstream=expat" : { "evidence" : [ ] }, "pkg:github/beatlabs/delete-old-branches-action@v0.0.10" : { "evidence" : [ ] }, "pkg:apk/alpine/libxslt@1.1.43-r3?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libxau@1.0.12-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libpng@1.6.56-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/busybox@1.37.0-r30?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/geoip@1.6.12-r6?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-release@3.23.3-r0?arch=x86_64&distro=alpine-3.23.3&upstream=alpine-base" : { "evidence" : [ ] }, "pkg:apk/alpine/openssl@3.5.5-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/apk-tools@3.0.3-r1?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/aom-libs@3.13.1-r1?arch=x86_64&distro=alpine-3.23.3&upstream=aom" : { "evidence" : [ ] }, "pkg:apk/alpine/freetype@2.14.1-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/alpine-baselayout@3.7.1-r8?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/musl-utils@1.2.5-r21?arch=x86_64&distro=alpine-3.23.3&upstream=musl" : { "evidence" : [ ] }, "pkg:apk/alpine/musl@1.2.5-r21?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libxext@1.3.6-r2?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libyuv@0.0.1887.20251502-r1?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libbsd@0.12.2-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/tiff@4.7.1-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/libxcb@1.17.0-r1?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] }, "pkg:apk/alpine/perl@5.42.2-r0?arch=x86_64&distro=alpine-3.23.3" : { "evidence" : [ ] } } } ] } pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-tpa-scan-pod | container step-oci-attach-report: Using token for quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd Attaching tpa-report-amd64.json to quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd@sha256:e39deddca0f115006a08f66cee66b88ff41b06a9d7e8ec44eeb025d0996f1553 [retry] executing: oras attach --no-tty --format go-template=\{\{.digest\}\} --registry-config /tmp/auth/config.json --artifact-type application/vnd.redhat.tpa-report+json quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd@sha256:e39deddca0f115006a08f66cee66b88ff41b06a9d7e8ec44eeb025d0996f1553 tpa-report-amd64.json:application/vnd.redhat.tpa-report+json pod: fj-test-custom-branch-zywqqd-on-pull-request-vll69-tpa-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/tpa-report-amd64.json", "namespace": "required_checks", "successes": 8 } ] {"vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":0,"low":0,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd:on-pr-27c1779a825298697ddb9a2aa545b13336968d6b", "digests": ["sha256:e39deddca0f115006a08f66cee66b88ff41b06a9d7e8ec44eeb025d0996f1553"]}} {"result":"SUCCESS","timestamp":"2026-04-20T19:22:39+00:00","note":"Task tpa-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by TPA.","namespace":"default","successes":0,"failures":0,"warnings":0} New PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw found after retrigger for component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw found for Component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: ResolvingTaskRef PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-6dpxw reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:365 @ 04/20/26 19:27:53.367 (9m54.033s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:53.367 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:53.367 (0s) > Enter [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:371 @ 04/20/26 19:27:53.368 < Exit [It] image repo and robot account created successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:371 @ 04/20/26 19:27:54.406 (1.038s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:54.406 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:54.406 (0s) > Enter [It] created image repo is public - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:390 @ 04/20/26 19:27:54.407 < Exit [It] created image repo is public - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:390 @ 04/20/26 19:27:54.929 (522ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:54.929 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:54.929 (0s) > Enter [It] image tag is updated successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:396 @ 04/20/26 19:27:54.929 Image tag quay.io/redhat-appstudio-qe/build-e2e-kpuj/fj-test-custom-branch-zywqqd:on-pr-79bd2203f973c87bd40904210259ccf7747cbbdf successfully found in Quay < Exit [It] image tag is updated successfully - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:396 @ 04/20/26 19:27:55.341 (411ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:55.341 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:55.341 (0s) > Enter [It] should ensure pruning labels are set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:425 @ 04/20/26 19:27:55.342 < Exit [It] should ensure pruning labels are set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:425 @ 04/20/26 19:27:55.883 (541ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:55.883 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:55.883 (0s) > Enter [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:439 @ 04/20/26 19:27:55.884 < Exit [It] eventually leads to the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:439 @ 04/20/26 19:27:55.884 (0s) > Enter [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:324 @ 04/20/26 19:27:55.884 < Exit [AfterAll] when a new Component with specified custom branch is created - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:324 @ 04/20/26 19:27:56.491 (607ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:56.492 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:27:56.492 (0s) > Enter [BeforeAll] when the PaC init branch is updated - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:454 @ 04/20/26 19:27:56.492 created file sha: da5e8877cdbe7c9ce2ad1dacb8b2d7f5bdcf32c5 < Exit [BeforeAll] when the PaC init branch is updated - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:454 @ 04/20/26 19:27:57.837 (1.345s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:464 @ 04/20/26 19:27:57.837 PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:464 @ 04/20/26 19:28:17.867 (20.03s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:17.867 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:17.867 (0s) > Enter [It] should lead to a PaC init PR update - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:479 @ 04/20/26 19:28:17.868 < Exit [It] should lead to a PaC init PR update - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:479 @ 04/20/26 19:28:18.136 (268ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:18.136 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:28:18.136 (0s) > Enter [It] PipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:498 @ 04/20/26 19:28:18.137 PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 found for Component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-pull-request-d9t46 reason: Succeeded < Exit [It] PipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:498 @ 04/20/26 19:32:38.157 (4m20.02s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:38.157 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:38.157 (0s) > Enter [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:504 @ 04/20/26 19:32:38.158 < Exit [It] eventually leads to another update of a PR about the PipelineRun status report at Checks tab - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:504 @ 04/20/26 19:32:38.158 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:38.158 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:32:38.158 (0s) > Enter [BeforeAll] when the PaC init branch is merged - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:520 @ 04/20/26 19:32:38.159 merged result sha: 5dc5195657846a380a159f1d48709d26f88cb777 < Exit [BeforeAll] when the PaC init branch is merged - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:520 @ 04/20/26 19:32:43.787 (5.629s) > Enter [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:530 @ 04/20/26 19:32:43.788 PipelineRun has not been created yet for the component build-e2e-kpuj/fj-test-custom-branch-zywqqd < Exit [It] eventually leads to triggering another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:530 @ 04/20/26 19:33:03.812 (20.025s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:33:03.813 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:33:03.813 (0s) > Enter [It] pipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:546 @ 04/20/26 19:33:03.813 PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q found for Component build-e2e-kpuj/fj-test-custom-branch-zywqqd PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Running PipelineRun fj-test-custom-branch-zywqqd-on-push-v982q reason: Succeeded < Exit [It] pipelineRun should eventually finish - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:546 @ 04/20/26 19:37:43.837 (4m40.024s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:43.838 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:43.838 (0s) > Enter [It] does not have expiration set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:552 @ 04/20/26 19:37:43.838 < Exit [It] does not have expiration set - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:552 @ 04/20/26 19:37:44.273 (434ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:44.273 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:37:44.273 (0s) > Enter [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:564 @ 04/20/26 19:37:44.273 waiting for one minute and expecting to not trigger a PipelineRun < Exit [It] After updating image visibility to private, it should not trigger another PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:564 @ 04/20/26 19:39:46.446 (2m2.173s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:46.447 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:46.447 (0s) > Enter [It] image repo is updated to private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:595 @ 04/20/26 19:39:46.447 < Exit [It] image repo is updated to private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:595 @ 04/20/26 19:39:46.752 (305ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:46.752 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:39:46.752 (0s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:650 @ 04/20/26 19:39:46.753 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:650 @ 04/20/26 19:39:49.934 (3.18s) > Enter [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:679 @ 04/20/26 19:39:49.934 < Exit [BeforeAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:679 @ 04/20/26 19:39:59.965 (10.031s) > Enter [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:715 @ 04/20/26 19:39:59.965 < Exit [It] should no longer lead to a creation of a PaC PR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:715 @ 04/20/26 19:40:10.093 (10.127s) > Enter [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:697 @ 04/20/26 19:40:10.093 Found purge PR with id: 3 < Exit [AfterAll] when the component is removed and recreated (with the same name in the same namespace) - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:697 @ 04/20/26 19:40:11.024 (931ms) > Enter [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:40:11.024 < Exit [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:40:15.116 (4.092s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:40:15.116 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:40:15.117 (0s) > Enter [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:14:00.557 ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"fj-multi-component-parent-fcau","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}} < Exit [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:15:01.422 (1m0.865s) > Enter [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:15:01.422 Image repository for component fj-multi-component-child-fcau in namespace build-e2e-yvmr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component fj-multi-component-child-fcau in namespace build-e2e-yvmr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component fj-multi-component-parent-fcau in namespace build-e2e-yvmr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component fj-multi-component-parent-fcau in namespace build-e2e-yvmr do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:15:51.592 (50.171s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:51.593 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:51.593 (0s) > Enter [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:15:51.593 PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau < Exit [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:17:31.678 (1m40.085s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:17:31.679 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:17:31.679 (0s) > Enter [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:274 @ 04/20/26 19:17:31.679 PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv found for Component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fcau-on-pull-request-c74qv reason: Failed attempt 1/3: PipelineRun "fj-multi-component-parent-fcau-on-pull-request-c74qv" failed: pod: fj-multi-component-parent-fcau-on-pull-request-c74qv-init-pod | init container: prepare 2026/04/20 19:17:24 Entrypoint initialization pod: fj-multi-component-parent-fcau-on-pull-request-c74qv-init-pod | container step-init: time="2026-04-20T19:17:27Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:17:27Z" level=info msg="[param] enable: false" time="2026-04-20T19:17:27Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:17:27Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:17:27Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:17:27Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:17:27Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:17:27Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:17:27Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms found after retrigger for component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms found for Component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: PipelineRunStopping PipelineRun fj-multi-component-parent-fcau-on-pull-request-s86ms reason: Failed attempt 2/3: PipelineRun "fj-multi-component-parent-fcau-on-pull-request-s86ms" failed: pod: fj-multi-component-parent-fcau-on-pull-request-s86ms-init-pod | init container: prepare 2026/04/20 19:23:04 Entrypoint initialization pod: fj-multi-component-parent-fcau-on-pull-request-s86ms-init-pod | container step-init: time="2026-04-20T19:23:07Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:23:07Z" level=info msg="[param] enable: false" time="2026-04-20T19:23:07Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:23:07Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:23:07Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:23:07Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:23:07Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:23:07Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:23:07Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz found after retrigger for component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz found for Component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Running PipelineRun fj-multi-component-parent-fcau-on-pull-request-h62zz reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:274 @ 04/20/26 19:31:56.861 (14m25.182s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:56.861 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:56.861 (0s) > Enter [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:285 @ 04/20/26 19:31:56.862 PipelineRun fj-multi-component-child-fcau-on-pull-request-96mmg found for Component build-e2e-yvmr/fj-multi-component-child-fcau PipelineRun fj-multi-component-child-fcau-on-pull-request-96mmg reason: Failed attempt 1/3: PipelineRun "fj-multi-component-child-fcau-on-pull-request-96mmg" failed: pod: fj-multi-component-child-fcau-on-pull-request-96mmg-init-pod | init container: prepare 2026/04/20 19:16:52 Entrypoint initialization pod: fj-multi-component-child-fcau-on-pull-request-96mmg-init-pod | container step-init: time="2026-04-20T19:16:54Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:16:54Z" level=info msg="[param] enable: false" time="2026-04-20T19:16:54Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:16:54Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:16:54Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:16:54Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:16:54Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:16:54Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:16:54Z" level=info msg="[result] NO PROXY: " New PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft found after retrigger for component build-e2e-yvmr/fj-multi-component-child-fcau PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft found for Component build-e2e-yvmr/fj-multi-component-child-fcau PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: ResolvingTaskRef PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Running PipelineRun fj-multi-component-child-fcau-on-pull-request-mjsft reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:285 @ 04/20/26 19:36:29.59 (4m32.728s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:29.59 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:29.59 (0s) > Enter [It] should lead to a PaC PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:289 @ 04/20/26 19:36:29.59 < Exit [It] should lead to a PaC PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:289 @ 04/20/26 19:36:31.734 (2.144s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:31.734 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:31.734 (0s) > Enter [It] Merging the PaC PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:307 @ 04/20/26 19:36:31.735 merged result sha: fe332a874935427d95a4da7636f6b374c8f911c2 for PR #1 < Exit [It] Merging the PaC PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:307 @ 04/20/26 19:36:44.638 (12.903s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:44.638 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:36:44.638 (0s) > Enter [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:318 @ 04/20/26 19:36:44.639 < Exit [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:318 @ 04/20/26 19:37:09.301 (24.662s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:09.301 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:09.301 (0s) > Enter [It] should lead to a PaC PR creation for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:358 @ 04/20/26 19:37:09.302 < Exit [It] should lead to a PaC PR creation for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:358 @ 04/20/26 19:37:09.821 (519ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:09.821 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:09.821 (0s) > Enter [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:375 @ 04/20/26 19:37:09.822 merged result sha: 3eebecdd1e99baea3c205a5b097ebd301fbc4a2d for PR #1 < Exit [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:375 @ 04/20/26 19:37:15.099 (5.277s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:15.099 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:15.099 (0s) > Enter [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:385 @ 04/20/26 19:37:15.1 Push PipelineRun has not been created yet for the component build-e2e-yvmr/fj-multi-component-parent-fcau < Exit [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:385 @ 04/20/26 19:37:35.133 (20.033s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:35.133 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:35.133 (0s) > Enter [It] PAC PipelineRun for parent component is successful - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:401 @ 04/20/26 19:37:35.134 PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s found for Component build-e2e-yvmr/fj-multi-component-parent-fcau PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Running PipelineRun fj-multi-component-parent-fcau-on-push-6zl9s reason: Succeeded < Exit [It] PAC PipelineRun for parent component is successful - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:401 @ 04/20/26 19:41:55.152 (4m20.018s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:41:55.152 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:41:55.152 (0s) > Enter [It] should lead to a nudge PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 @ 04/20/26 19:41:55.152 < Exit [It] should lead to a nudge PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 @ 04/20/26 19:41:56.073 (920ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:41:56.073 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:41:56.073 (0s) > Enter [It] merging the PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:429 @ 04/20/26 19:41:56.073 merged result sha: 2485ebe6a6de8e1aa5040ea2c3d02e58e75c14ba for PR #3 < Exit [It] merging the PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:429 @ 04/20/26 19:42:00.231 (4.157s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:42:00.231 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:42:00.231 (0s) > Enter [It] Verify the nudge updated the contents - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:440 @ 04/20/26 19:42:00.232 Verifying Dockerfile.tmp updated to sha sha256:7efcb92024ec63254307f642e287d942252073f3e2b033f32123b00cf556bad9content: FROM quay.io/redhat-appstudio-qe/build-e2e-yvmr/fj-multi-component-parent-fcau@sha256:7efcb92024ec63254307f642e287d942252073f3e2b033f32123b00cf556bad9 RUN echo hello < Exit [It] Verify the nudge updated the contents - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:440 @ 04/20/26 19:42:00.821 (589ms) > Enter [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:42:00.821 < Exit [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:42:50.765 (49.944s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:42:50.765 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:42:50.766 (0s) > Enter [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:00.66 < Exit [BeforeAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:54 @ 04/20/26 19:14:24.66 (24s) > Enter [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:14:24.66 < Exit [BeforeAll] when a new component without specified branch is created and with visibility private - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:117 @ 04/20/26 19:14:34.73 (10.07s) > Enter [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:14:34.73 < Exit [It] correctly targets the default branch (that is not named 'main') with PaC - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:136 @ 04/20/26 19:15:21.119 (46.389s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:21.119 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:21.119 (0s) > Enter [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:15:21.119 < Exit [It] workspace parameter is set correctly in PaC repository CR - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:153 @ 04/20/26 19:15:21.137 (17ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:21.137 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:15:21.137 (0s) [FAILED] Timed out after 1800.000s. timed out when waiting for the PipelineRun to start for the component gh-test-custom-branch-mreblu/build-e2e-jlth Expected success, but got an error: <*errors.errorString | 0xc000a6e5f0>: no pipelinerun found for component gh-test-custom-default-pdwjen { s: "no pipelinerun found for component gh-test-custom-default-pdwjen", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:188 @ 04/20/26 19:45:21.138 > Enter [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:15:21.137 PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu [FAILED] Timed out after 1800.000s. timed out when waiting for the PipelineRun to start for the component gh-test-custom-branch-mreblu/build-e2e-jlth Expected success, but got an error: <*errors.errorString | 0xc000a6e5f0>: no pipelinerun found for component gh-test-custom-default-pdwjen { s: "no pipelinerun found for component gh-test-custom-default-pdwjen", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:188 @ 04/20/26 19:45:21.138 < Exit [It] triggers a PipelineRun - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 @ 04/20/26 19:45:21.138 (30m0.001s) > Enter [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:45:21.138 < Exit [AfterAll] PaC component build - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:101 @ 04/20/26 19:45:21.138 (0s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:45:21.138 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:28 @ 04/20/26 19:45:21.362 (224ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:191 @ 04/20/26 19:45:21.363 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:195 @ 04/20/26 19:45:21.363 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:225 @ 04/20/26 19:45:21.363 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:243 @ 04/20/26 19:45:21.364 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:249 @ 04/20/26 19:45:21.364 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:265 @ 04/20/26 19:45:21.364 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:278 @ 04/20/26 19:45:21.364 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:332 @ 04/20/26 19:45:21.364 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:347 @ 04/20/26 19:45:21.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:365 @ 04/20/26 19:45:21.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:371 @ 04/20/26 19:45:21.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:390 @ 04/20/26 19:45:21.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:396 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:425 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:439 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:464 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:479 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:498 @ 04/20/26 19:45:21.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:504 @ 04/20/26 19:45:21.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:530 @ 04/20/26 19:45:21.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:546 @ 04/20/26 19:45:21.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:552 @ 04/20/26 19:45:21.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:564 @ 04/20/26 19:45:21.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:595 @ 04/20/26 19:45:21.368 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:715 @ 04/20/26 19:45:21.368 > Enter [BeforeAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:32 @ 04/20/26 19:14:00.557 < Exit [BeforeAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:32 @ 04/20/26 19:15:00.077 (59.52s) > Enter [It] verifies that the ReleasePlan CR is unmatched in the beginning - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:57 @ 04/20/26 19:15:00.077 < Exit [It] verifies that the ReleasePlan CR is unmatched in the beginning - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:57 @ 04/20/26 19:15:00.107 (30ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.107 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.107 (0s) > Enter [It] Creates ReleasePlanAdmission CR in corresponding managed namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:72 @ 04/20/26 19:15:00.107 < Exit [It] Creates ReleasePlanAdmission CR in corresponding managed namespace - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:72 @ 04/20/26 19:15:00.186 (79ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.186 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.186 (0s) > Enter [It] verifies that the ReleasePlan CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:85 @ 04/20/26 19:15:00.187 < Exit [It] verifies that the ReleasePlan CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:85 @ 04/20/26 19:15:00.379 (193ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.379 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.38 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:105 @ 04/20/26 19:15:00.38 < Exit [It] verifies that the ReleasePlanAdmission CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:105 @ 04/20/26 19:15:00.456 (76ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.457 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.457 (0s) > Enter [It] Creates a manual release ReleasePlan CR in devNamespace - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:123 @ 04/20/26 19:15:00.457 < Exit [It] Creates a manual release ReleasePlan CR in devNamespace - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:123 @ 04/20/26 19:15:00.516 (59ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.517 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.517 (0s) > Enter [It] verifies that the second ReleasePlan CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:129 @ 04/20/26 19:15:00.517 < Exit [It] verifies that the second ReleasePlan CR is set to matched - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:129 @ 04/20/26 19:15:00.687 (170ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.687 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.687 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR has two matched ReleasePlan CRs - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:150 @ 04/20/26 19:15:00.688 < Exit [It] verifies that the ReleasePlanAdmission CR has two matched ReleasePlan CRs - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:150 @ 04/20/26 19:15:00.704 (16ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.704 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.704 (0s) > Enter [It] deletes one ReleasePlan CR - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:171 @ 04/20/26 19:15:00.705 < Exit [It] deletes one ReleasePlan CR - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:171 @ 04/20/26 19:15:00.761 (57ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.761 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.761 (0s) > Enter [It] verifies that the ReleasePlanAdmission CR has only one matching ReleasePlan - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:177 @ 04/20/26 19:15:00.762 < Exit [It] verifies that the ReleasePlanAdmission CR has only one matching ReleasePlan - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:177 @ 04/20/26 19:15:00.799 (37ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.799 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.799 (0s) > Enter [It] deletes the ReleasePlanAdmission CR - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:198 @ 04/20/26 19:15:00.8 < Exit [It] deletes the ReleasePlanAdmission CR - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:198 @ 04/20/26 19:15:00.855 (55ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.855 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.855 (0s) > Enter [It] verifies that the ReleasePlan CR has no matched ReleasePlanAdmission - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:204 @ 04/20/26 19:15:00.855 < Exit [It] verifies that the ReleasePlan CR has no matched ReleasePlanAdmission - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:204 @ 04/20/26 19:15:00.878 (23ms) > Enter [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.878 < Exit [AfterEach] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:30 @ 04/20/26 19:15:00.878 (0s) > Enter [AfterAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:48 @ 04/20/26 19:15:00.878 < Exit [AfterAll] [release-service-suite ReleasePlan and ReleasePlanAdmission match] - /tmp/tmp.VA2UVYReoU/tests/release/service/release_plan_and_admission_matched.go:48 @ 04/20/26 19:15:25.043 (24.165s) > Enter [BeforeAll] test pac with multiple components using same repository - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:40 @ 04/20/26 19:15:25.044 < Exit [BeforeAll] test pac with multiple components using same repository - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:40 @ 04/20/26 19:15:27.363 (2.319s) > Enter [It] creates component with context directory go-component - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:106 @ 04/20/26 19:15:27.363 Image repository for component go-component-nofrer in namespace build-e2e-yxit do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component go-component-nofrer in namespace build-e2e-yxit do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with context directory go-component - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:106 @ 04/20/26 19:15:47.477 (20.114s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:28 @ 04/20/26 19:15:47.478 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:28 @ 04/20/26 19:15:47.478 (0s) [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component go-component-nofrer/build-e2e-yxit Expected success, but got an error: <*errors.errorString | 0xc0014fa0e0>: no pipelinerun found for component go-component-nofrer { s: "no pipelinerun found for component go-component-nofrer", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:137 @ 04/20/26 19:45:47.479 > Enter [It] triggers a PipelineRun for component go-component-nofrer - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:125 @ 04/20/26 19:15:47.478 PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component go-component-nofrer/build-e2e-yxit Expected success, but got an error: <*errors.errorString | 0xc0014fa0e0>: no pipelinerun found for component go-component-nofrer { s: "no pipelinerun found for component go-component-nofrer", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:137 @ 04/20/26 19:45:47.479 < Exit [It] triggers a PipelineRun for component go-component-nofrer - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:125 @ 04/20/26 19:45:47.479 (30m0.001s) > Enter [AfterAll] test pac with multiple components using same repository - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:68 @ 04/20/26 19:45:47.479 < Exit [AfterAll] test pac with multiple components using same repository - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:68 @ 04/20/26 19:45:49.36 (1.88s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:28 @ 04/20/26 19:45:49.36 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:28 @ 04/20/26 19:45:49.588 (228ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:140 @ 04/20/26 19:45:49.589 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:159 @ 04/20/26 19:45:49.589 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:164 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:174 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:106 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:125 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:140 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:159 @ 04/20/26 19:45:49.59 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:164 @ 04/20/26 19:45:49.591 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:174 @ 04/20/26 19:45:49.591 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:190 @ 04/20/26 19:45:49.591 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:205 @ 04/20/26 19:45:49.591 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:264 @ 04/20/26 19:45:49.591 > Enter [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:14:00.557 ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gh-multi-component-parent-riev","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}} < Exit [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:15:05.045 (1m4.488s) > Enter [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:15:05.046 Image repository for component gh-multi-component-child-riev in namespace build-e2e-jqfz do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-child-riev in namespace build-e2e-jqfz do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-parent-riev in namespace build-e2e-jqfz do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gh-multi-component-parent-riev in namespace build-e2e-jqfz do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:15:55.139 (50.093s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:55.139 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:55.139 (0s) [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component gh-multi-component-parent-riev/build-e2e-jqfz Expected success, but got an error: <*errors.errorString | 0xc00088b1f0>: no pipelinerun found for component gh-multi-component-parent-riev { s: "no pipelinerun found for component gh-multi-component-parent-riev", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:272 @ 04/20/26 19:45:55.141 > Enter [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:15:55.14 PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component gh-multi-component-parent-riev/build-e2e-jqfz Expected success, but got an error: <*errors.errorString | 0xc00088b1f0>: no pipelinerun found for component gh-multi-component-parent-riev { s: "no pipelinerun found for component gh-multi-component-parent-riev", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:272 @ 04/20/26 19:45:55.141 < Exit [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:45:55.141 (30m0.001s) > Enter [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:45:55.141 < Exit [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:46:12.182 (17.041s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:46:12.183 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:46:12.364 (182ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:274 @ 04/20/26 19:46:12.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:285 @ 04/20/26 19:46:12.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:289 @ 04/20/26 19:46:12.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:307 @ 04/20/26 19:46:12.365 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:318 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:358 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:375 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:385 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:401 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 @ 04/20/26 19:46:12.366 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:429 @ 04/20/26 19:46:12.367 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:440 @ 04/20/26 19:46:12.367 > Enter [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:14:00.557 ReleaseAdmissionPlan data: {"Mapping":{"Components":[{"Name":"gl-multi-component-parent-rsqv","Repository":"quay.io/redhat-appstudio-qe/release-repository"}]}} < Exit [BeforeAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:72 @ 04/20/26 19:14:56.621 (56.063s) > Enter [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:14:56.621 Image repository for component gl-multi-component-child-rsqv in namespace build-e2e-zttd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. Image repository for component gl-multi-component-parent-rsqv in namespace build-e2e-zttd do not have right state ('' != 'ready') yet but it has status { { } {<nil> } []}. < Exit [It] creates component with nudges - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:235 @ 04/20/26 19:15:36.821 (40.2s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:36.821 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:15:36.821 (0s) > Enter [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:15:36.822 PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv < Exit [It] triggers a PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 @ 04/20/26 19:17:16.891 (1m40.069s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:17:16.891 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:17:16.891 (0s) > Enter [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:274 @ 04/20/26 19:17:16.892 PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 found for Component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: PipelineRunStopping PipelineRun gl-multi-component-parent-rsqv-on-pull-request-wl4b4 reason: Failed attempt 1/3: PipelineRun "gl-multi-component-parent-rsqv-on-pull-request-wl4b4" failed: pod: gl-multi-component-parent-rsqv-on-pull-request-wl4b4-init-pod | init container: prepare 2026/04/20 19:17:06 Entrypoint initialization pod: gl-multi-component-parent-rsqv-on-pull-request-wl4b4-init-pod | container step-init: time="2026-04-20T19:17:09Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:17:09Z" level=info msg="[param] enable: false" time="2026-04-20T19:17:09Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:17:09Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:17:09Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:17:09Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:17:09Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:17:09Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:17:09Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt found after retrigger for component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt found for Component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Running PipelineRun gl-multi-component-parent-rsqv-on-pull-request-867bt reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:274 @ 04/20/26 19:27:28.244 (10m11.353s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:27:28.245 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:27:28.245 (0s) > Enter [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:285 @ 04/20/26 19:27:28.245 PipelineRun gl-multi-component-child-rsqv-on-pull-request-fwrd2 found for Component build-e2e-zttd/gl-multi-component-child-rsqv PipelineRun gl-multi-component-child-rsqv-on-pull-request-fwrd2 reason: Cancelled attempt 1/3: PipelineRun "gl-multi-component-child-rsqv-on-pull-request-fwrd2" failed: pod: gl-multi-component-child-rsqv-on-pull-request-vfwj8-init-pod | init container: prepare 2026/04/20 19:16:30 Entrypoint initialization pod: gl-multi-component-child-rsqv-on-pull-request-vfwj8-init-pod | container step-init: time="2026-04-20T19:16:32Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:16:32Z" level=info msg="[param] enable: false" time="2026-04-20T19:16:32Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:16:32Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:16:32Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:16:32Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:16:32Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:16:32Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:16:32Z" level=info msg="[result] NO PROXY: " New PipelineRun gl-multi-component-child-rsqv-on-pull-request-vfwj8 found after retrigger for component build-e2e-zttd/gl-multi-component-child-rsqv PipelineRun has not been created yet for the Component build-e2e-zttd/gl-multi-component-child-rsqv PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw found for Component build-e2e-zttd/gl-multi-component-child-rsqv PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Running PipelineRun gl-multi-component-child-rsqv-on-pull-request-d27mw reason: Succeeded < Exit [It] the PipelineRun should eventually finish successfully for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:285 @ 04/20/26 19:31:59.61 (4m31.365s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:59.61 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:59.61 (0s) > Enter [It] should lead to a PaC PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:289 @ 04/20/26 19:31:59.611 < Exit [It] should lead to a PaC PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:289 @ 04/20/26 19:31:59.877 (267ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:59.878 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:31:59.878 (0s) > Enter [It] Merging the PaC PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:307 @ 04/20/26 19:31:59.878 merged result sha: c4a59f8c6d74779020b465ad9faa1279485890b2 for PR #1 < Exit [It] Merging the PaC PR should be successful for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:307 @ 04/20/26 19:32:01.167 (1.289s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:32:01.167 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:32:01.167 (0s) > Enter [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:318 @ 04/20/26 19:32:01.168 < Exit [It] create dockerfile and yaml manifest that references build and distribution repositories - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:318 @ 04/20/26 19:33:06.782 (1m5.614s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:06.782 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:06.782 (0s) > Enter [It] should lead to a PaC PR creation for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:358 @ 04/20/26 19:33:06.783 < Exit [It] should lead to a PaC PR creation for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:358 @ 04/20/26 19:33:06.998 (216ms) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:06.999 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:06.999 (0s) > Enter [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:375 @ 04/20/26 19:33:06.999 merged result sha: 8c6aa7dd567cd31476cd2229c2c66476f226b9a0 for PR #1 < Exit [It] Merging the PaC PR should be successful for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:375 @ 04/20/26 19:33:08.278 (1.278s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:08.278 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:08.278 (0s) > Enter [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:385 @ 04/20/26 19:33:08.279 Push PipelineRun has not been created yet for the component build-e2e-zttd/gl-multi-component-parent-rsqv < Exit [It] PR merge triggers PAC PipelineRun for parent component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:385 @ 04/20/26 19:33:28.328 (20.05s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:28.328 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:33:28.328 (0s) > Enter [It] PAC PipelineRun for parent component is successful - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:401 @ 04/20/26 19:33:28.329 PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh found for Component build-e2e-zttd/gl-multi-component-parent-rsqv PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Running PipelineRun gl-multi-component-parent-rsqv-on-push-czzxh reason: Succeeded < Exit [It] PAC PipelineRun for parent component is successful - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:401 @ 04/20/26 19:37:48.349 (4m20.02s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:48.349 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:37:48.349 (0s) [FAILED] Timed out after 1200.000s. timed out when waiting for component nudge PR to be created in build-nudge-child-evhllx repository Expected <bool>: false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:427 @ 04/20/26 19:57:48.35 > Enter [It] should lead to a nudge PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 @ 04/20/26 19:37:48.35 [FAILED] Timed out after 1200.000s. timed out when waiting for component nudge PR to be created in build-nudge-child-evhllx repository Expected <bool>: false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:427 @ 04/20/26 19:57:48.35 < Exit [It] should lead to a nudge PR creation for child component - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 @ 04/20/26 19:57:48.35 (20m0.001s) > Enter [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:57:48.351 < Exit [AfterAll] component update with renovate - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:214 @ 04/20/26 19:58:04.425 (16.075s) > Enter [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:58:04.426 < Exit [AfterEach] [build-service-suite Build service E2E tests] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:28 @ 04/20/26 19:58:04.708 (282ms) [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:429 @ 04/20/26 19:58:04.709 [SKIPPED] Spec skipped because an earlier spec in an ordered container failed In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:440 @ 04/20/26 19:58:04.709