./mage -v ci:teste2e Running target: CI:TestE2E I0420 18:56:14.736409 19686 magefile.go:529] setting up new custom bundle for testing... I0420 18:56:15.054741 19686 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776711375-dzev -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: docker-build to image I0420 18:56:16.149466 19686 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776711375-dzev: quay.io/redhat-appstudio-qe/test-images@sha256:2556bdcbafb5cb9af29b0826ed7361d80c075cfe1cba9b32ebb89cc923c24969 I0420 18:56:16.149491 19686 magefile.go:535] To use the custom docker bundle locally, run below cmd: export CUSTOM_DOCKER_BUILD_PIPELINE_BUNDLE=quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776711375-dzev I0420 18:56:16.149514 19686 release_service.go:50] checking if repository is release-service I0420 18:56:17.272064 19686 release_service_catalog.go:104] checking if repository is release-service-catalog I0420 18:56:17.272082 19686 integration_service.go:49] checking if repository is integration-service I0420 18:56:17.272086 19686 image_controller.go:49] checking if repository is image-controller I0420 18:56:17.272091 19686 build_service.go:50] checking if repository is build-service I0420 18:56:17.272095 19686 e2e_repo.go:347] checking if repository is e2e-tests I0420 18:56:17.272098 19686 e2e_repo.go:335] multi-platform tests and require sprayproxy registering are set to TRUE exec: git "diff" "--name-status" "upstream/main..HEAD" I0420 18:56:17.275353 19686 util.go:451] The following files, pkg/clients/tekton/repository.go, tests/integration-service/README.md, tests/integration-service/const.go, tests/integration-service/forgejo-integration-reporting.go, were changed! exec: go "install" "-mod=mod" "github.com/onsi/ginkgo/v2/ginkgo" go: downloading github.com/go-task/slim-sprig/v3 v3.0.0 go: downloading github.com/google/pprof v0.0.0-20260106004452-d7df1bf2cac7 I0420 18:56:20.816741 19686 install.go:188] cloning 'https://github.com/redhat-appstudio/infra-deployments' with git ref 'refs/heads/main' Enumerating objects: 79310, done. Counting objects: 0% (1/255) Counting objects: 1% (3/255) Counting objects: 2% (6/255) Counting objects: 3% (8/255) Counting objects: 4% (11/255) Counting objects: 5% (13/255) Counting objects: 6% (16/255) Counting objects: 7% (18/255) Counting objects: 8% (21/255) Counting objects: 9% (23/255) Counting objects: 10% (26/255) Counting objects: 11% (29/255) Counting objects: 12% (31/255) Counting objects: 13% (34/255) Counting objects: 14% (36/255) Counting objects: 15% (39/255) Counting objects: 16% (41/255) Counting objects: 17% (44/255) Counting objects: 18% (46/255) Counting objects: 19% (49/255) Counting objects: 20% (51/255) Counting objects: 21% (54/255) Counting objects: 22% (57/255) Counting objects: 23% (59/255) Counting objects: 24% (62/255) Counting objects: 25% (64/255) Counting objects: 26% (67/255) Counting objects: 27% (69/255) Counting objects: 28% (72/255) Counting objects: 29% (74/255) Counting objects: 30% (77/255) Counting objects: 31% (80/255) Counting objects: 32% (82/255) Counting objects: 33% (85/255) Counting objects: 34% (87/255) Counting objects: 35% (90/255) Counting objects: 36% (92/255) Counting objects: 37% (95/255) Counting objects: 38% (97/255) Counting objects: 39% (100/255) Counting objects: 40% (102/255) Counting objects: 41% (105/255) Counting objects: 42% (108/255) Counting objects: 43% (110/255) Counting objects: 44% (113/255) Counting objects: 45% (115/255) Counting objects: 46% (118/255) Counting objects: 47% (120/255) Counting objects: 48% (123/255) Counting objects: 49% (125/255) Counting objects: 50% (128/255) Counting objects: 51% (131/255) Counting objects: 52% (133/255) Counting objects: 53% (136/255) Counting objects: 54% (138/255) Counting objects: 55% (141/255) Counting objects: 56% (143/255) Counting objects: 57% (146/255) Counting objects: 58% (148/255) Counting objects: 59% (151/255) Counting objects: 60% (153/255) Counting objects: 61% (156/255) Counting objects: 62% (159/255) Counting objects: 63% (161/255) Counting objects: 64% (164/255) Counting objects: 65% (166/255) Counting objects: 66% (169/255) Counting objects: 67% (171/255) Counting objects: 68% (174/255) Counting objects: 69% (176/255) Counting objects: 70% (179/255) Counting objects: 71% (182/255) Counting objects: 72% (184/255) Counting objects: 73% (187/255) Counting objects: 74% (189/255) Counting objects: 75% (192/255) Counting objects: 76% (194/255) Counting objects: 77% (197/255) Counting objects: 78% (199/255) Counting objects: 79% (202/255) Counting objects: 80% (204/255) Counting objects: 81% (207/255) Counting objects: 82% (210/255) Counting objects: 83% (212/255) Counting objects: 84% (215/255) Counting objects: 85% (217/255) Counting objects: 86% (220/255) Counting objects: 87% (222/255) Counting objects: 88% (225/255) Counting objects: 89% (227/255) Counting objects: 90% (230/255) Counting objects: 91% (233/255) Counting objects: 92% (235/255) Counting objects: 93% (238/255) Counting objects: 94% (240/255) Counting objects: 95% (243/255) Counting objects: 96% (245/255) Counting objects: 97% (248/255) Counting objects: 98% (250/255) Counting objects: 99% (253/255) Counting objects: 100% (255/255) Counting objects: 100% (255/255), done. Compressing objects: 0% (1/161) Compressing objects: 1% (2/161) Compressing objects: 2% (4/161) Compressing objects: 3% (5/161) Compressing objects: 4% (7/161) Compressing objects: 5% (9/161) Compressing objects: 6% (10/161) Compressing objects: 7% (12/161) Compressing objects: 8% (13/161) Compressing objects: 9% (15/161) Compressing objects: 10% (17/161) Compressing objects: 11% (18/161) Compressing objects: 12% (20/161) Compressing objects: 13% (21/161) Compressing objects: 14% (23/161) Compressing objects: 15% (25/161) Compressing objects: 16% (26/161) Compressing objects: 17% (28/161) Compressing objects: 18% (29/161) Compressing objects: 19% (31/161) Compressing objects: 20% (33/161) Compressing objects: 21% (34/161) Compressing objects: 22% (36/161) Compressing objects: 23% (38/161) Compressing objects: 24% (39/161) Compressing objects: 25% (41/161) Compressing objects: 26% (42/161) Compressing objects: 27% (44/161) Compressing objects: 28% (46/161) Compressing objects: 29% (47/161) Compressing objects: 30% (49/161) Compressing objects: 31% (50/161) Compressing objects: 32% (52/161) Compressing objects: 33% (54/161) Compressing objects: 34% (55/161) Compressing objects: 35% (57/161) Compressing objects: 36% (58/161) Compressing objects: 37% (60/161) Compressing objects: 38% (62/161) Compressing objects: 39% (63/161) Compressing objects: 40% (65/161) Compressing objects: 41% (67/161) Compressing objects: 42% (68/161) Compressing objects: 43% (70/161) Compressing objects: 44% (71/161) Compressing objects: 45% (73/161) Compressing objects: 46% (75/161) Compressing objects: 47% (76/161) Compressing objects: 48% (78/161) Compressing objects: 49% (79/161) Compressing objects: 50% (81/161) Compressing objects: 51% (83/161) Compressing objects: 52% (84/161) Compressing objects: 53% (86/161) Compressing objects: 54% (87/161) Compressing objects: 55% (89/161) Compressing objects: 56% (91/161) Compressing objects: 57% (92/161) Compressing objects: 58% (94/161) Compressing objects: 59% (95/161) Compressing objects: 60% (97/161) Compressing objects: 61% (99/161) Compressing objects: 62% (100/161) Compressing objects: 63% (102/161) Compressing objects: 64% (104/161) Compressing objects: 65% (105/161) Compressing objects: 66% (107/161) Compressing objects: 67% (108/161) Compressing objects: 68% (110/161) Compressing objects: 69% (112/161) Compressing objects: 70% (113/161) Compressing objects: 71% (115/161) Compressing objects: 72% (116/161) Compressing objects: 73% (118/161) Compressing objects: 74% (120/161) Compressing objects: 75% (121/161) Compressing objects: 76% (123/161) Compressing objects: 77% (124/161) Compressing objects: 78% (126/161) Compressing objects: 79% (128/161) Compressing objects: 80% (129/161) Compressing objects: 81% (131/161) Compressing objects: 82% (133/161) Compressing objects: 83% (134/161) Compressing objects: 84% (136/161) Compressing objects: 85% (137/161) Compressing objects: 86% (139/161) Compressing objects: 87% (141/161) Compressing objects: 88% (142/161) Compressing objects: 89% (144/161) Compressing objects: 90% (145/161) Compressing objects: 91% (147/161) Compressing objects: 92% (149/161) Compressing objects: 93% (150/161) Compressing objects: 94% (152/161) Compressing objects: 95% (153/161) Compressing objects: 96% (155/161) Compressing objects: 97% (157/161) Compressing objects: 98% (158/161) Compressing objects: 99% (160/161) Compressing objects: 100% (161/161) Compressing objects: 100% (161/161), done. Total 79310 (delta 188), reused 94 (delta 94), pack-reused 79055 (from 2) From https://github.com/redhat-appstudio/infra-deployments * branch main -> FETCH_HEAD Already up to date. ============================================================================= [2026-04-20 18:56:24] [STEP] Starting Konflux Cluster Bootstrap ============================================================================= [2026-04-20 18:56:24] [INFO] Mode: preview [2026-04-20 18:56:24] [INFO] Options: OBO=disabled, EAAS=disabled [2026-04-20 18:56:24] [INFO] Start time: 2026-04-20 18:56:24 UTC ============================================================================= [2026-04-20 18:56:24] [STEP] Phase 1: Deploying ArgoCD ============================================================================= ============================================================================= [2026-04-20 18:56:24] [STEP] Deploying OpenShift GitOps (ArgoCD) ============================================================================= [2026-04-20 18:56:24] [SUBSTEP] Verifying cluster-admin permissions [2026-04-20 18:56:24] [SUCCESS] User 'cluster-admin' has cluster-admin permissions [2026-04-20 18:56:24] [SUBSTEP] Installing OpenShift GitOps operator subscription clusterrole.rbac.authorization.k8s.io/appstudio-openshift-gitops-argocd-application-controller created clusterrole.rbac.authorization.k8s.io/appstudio-openshift-gitops-argocd-server created clusterrolebinding.rbac.authorization.k8s.io/appstudio-openshift-gitops-argocd-application-controller created clusterrolebinding.rbac.authorization.k8s.io/appstudio-openshift-gitops-argocd-server created subscription.operators.coreos.com/openshift-gitops-operator created [2026-04-20 18:56:24] [SUCCESS] GitOps operator subscription applied [2026-04-20 18:56:24] [SUBSTEP] Waiting for default ArgoCD project to be created [2026-04-20 18:56:25] [WAITING] Default project not yet available (5s/300s) [2026-04-20 18:56:30] [WAITING] Default project not yet available (10s/300s) [2026-04-20 18:56:35] [WAITING] Default project not yet available (15s/300s) [2026-04-20 18:56:40] [WAITING] Default project not yet available (20s/300s) [2026-04-20 18:56:45] [WAITING] Default project not yet available (25s/300s) [2026-04-20 18:56:50] [WAITING] Default project not yet available (30s/300s) [2026-04-20 18:56:56] [WAITING] Default project not yet available (35s/300s) [2026-04-20 18:57:01] [SUCCESS] Default ArgoCD project is available [2026-04-20 18:57:01] [SUBSTEP] Waiting for OpenShift GitOps route to be created [2026-04-20 18:57:01] [SUCCESS] OpenShift GitOps route is available [2026-04-20 18:57:01] [SUBSTEP] Configuring ArgoCD repo server resources and timeout argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:01] [SUCCESS] Repo server configured: timeout=5m, cpu=100m, memory=100Mi [2026-04-20 18:57:01] [SUBSTEP] Configuring ArgoCD application controller resources argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:01] [SUCCESS] Application controller configured: cpu=4, memory=4Gi [2026-04-20 18:57:01] [SUBSTEP] Switching ArgoCD route to re-encryption TLS argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:01] [SUCCESS] Route TLS termination set to 'reencrypt' [2026-04-20 18:57:01] [SUBSTEP] Restarting ArgoCD server after TLS configuration change pod "openshift-gitops-server-6944966b75-6jfsh" deleted [2026-04-20 18:57:02] [SUCCESS] ArgoCD server pods deleted for restart [2026-04-20 18:57:02] [SUBSTEP] Granting admin role to authenticated users [2026-04-20 18:57:02] [INFO] Note: This should be updated once proper access policy is in place argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:03] [SUCCESS] RBAC policy set: system:authenticated -> role:admin [2026-04-20 18:57:03] [SUBSTEP] Configuring PVC health check (WaitForFirstConsumer workaround) Warning: unknown field "spec.resourceCustomizations" argocd.argoproj.io/openshift-gitops patched (no change) [2026-04-20 18:57:03] [SUCCESS] PVC health customization applied (Pending/Bound = Healthy) [2026-04-20 18:57:03] [SUBSTEP] Enabling Helm support in Kustomize builds argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:03] [SUCCESS] Kustomize build options set: --enable-helm [2026-04-20 18:57:03] [SUBSTEP] Configuring ArgoCD to ignore aggregated roles in diff argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:03] [SUCCESS] ignoreAggregatedRoles set to true [2026-04-20 18:57:03] [SUBSTEP] Setting ArgoCD tracking method to annotation argocd.argoproj.io/openshift-gitops patched [2026-04-20 18:57:03] [SUCCESS] Resource tracking method set to 'annotation' [2026-04-20 18:57:03] [SUBSTEP] Restarting GitOps server deployment deployment.apps/openshift-gitops-server restarted [2026-04-20 18:57:03] [SUCCESS] GitOps server restart initiated [2026-04-20 18:57:03] [INFO] Waiting for rollout to complete... Waiting for deployment "openshift-gitops-server" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "openshift-gitops-server" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "openshift-gitops-server" rollout to finish: 1 old replicas are pending termination... deployment "openshift-gitops-server" successfully rolled out [2026-04-20 18:57:34] [SUCCESS] GitOps server rollout complete ============================================================================= [2026-04-20 18:57:34] [STEP] ArgoCD Access Information ============================================================================= [2026-04-20 18:57:34] [INFO] ArgoCD URL: https://openshift-gitops-server-openshift-gitops.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com [2026-04-20 18:57:34] [INFO] Authentication: Use 'Login with OpenShift' button (OpenShift credentials) [2026-04-20 18:57:34] [SUBSTEP] Verifying ArgoCD route is accessible [2026-04-20 18:57:54] [WAITING] Waiting for route to respond (5s/120s) [2026-04-20 18:57:59] [SUCCESS] ArgoCD is accessible at https://openshift-gitops-server-openshift-gitops.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com [ARGOCD_DEPLOY_JSON] {"status":"success","url":"https://openshift-gitops-server-openshift-gitops.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com","namespace":"openshift-gitops","auth_method":"openshift"} ============================================================================= [2026-04-20 18:57:59] [STEP] OpenShift GitOps Deployment Complete ============================================================================= ============================================================================= [2026-04-20 18:57:59] [STEP] Phase 2: Bootstrapping Host Cluster ============================================================================= [2026-04-20 18:57:59] [INFO] Bootstrapping host cluster components [2026-04-20 18:57:59] [INFO] No preview.env file found - using environment variables only [2026-04-20 18:57:59] [SUBSTEP] Configuring Quality Dashboard secrets Setting secrets for Quality Dashboard namespace/quality-dashboard created secret/quality-dashboard-secrets created [2026-04-20 18:58:03] [SUCCESS] Quality Dashboard secrets configured [2026-04-20 18:58:03] [SUBSTEP] Configuring CI Helper App secret Creating secret for CI Helper App namespace/ci-helper-app created secret/ci-helper-app-secrets created [2026-04-20 18:58:06] [SUCCESS] CI Helper App secret configured [2026-04-20 18:58:06] [SUCCESS] Host cluster bootstrap complete ============================================================================= [2026-04-20 18:58:06] [STEP] Phase 3: Bootstrapping Member Cluster ============================================================================= [2026-04-20 18:58:06] [INFO] Bootstrapping member cluster components [2026-04-20 18:58:06] [INFO] No preview.env file found - using environment variables only [2026-04-20 18:58:06] [SUBSTEP] Configuring Pipeline Service secrets Setting secrets for pipeline-service tekton-results namespace already exists, skipping creation tekton-logging namespace already exists, skipping creation namespace/product-kubearchive-logging created Creating DB secret secret/tekton-results-database created Creating S3 secret secret/tekton-results-s3 created Creating MinIO config secret/minio-storage-configuration created Creating S3 secret secret/tekton-results-s3 created Creating MinIO config MinIO config already exists, skipping creation Creating Postgres TLS certs secret/postgresql-tls created configmap/rds-root-crt created [2026-04-20 18:58:09] [SUCCESS] Pipeline Service secrets configured [2026-04-20 18:58:09] [SUBSTEP] Configuring GitHub secrets [2026-04-20 18:58:09] [INFO] GitHub token provided - creating secrets namespace/application-service created Creating a has secret from legacy token secret/has-github-token created [2026-04-20 18:58:10] [SUCCESS] GitHub secrets configured [2026-04-20 18:58:10] [SUBSTEP] Configuring Image Controller secrets [2026-04-20 18:58:10] [INFO] Quay organization: redhat-appstudio-qe Creating a secret with a token for Image Controller namespace/image-controller created secret/quaytoken created [2026-04-20 18:58:11] [SUCCESS] Image Controller secrets configured [2026-04-20 18:58:11] [SUCCESS] Member cluster bootstrap complete ============================================================================= [2026-04-20 18:58:11] [STEP] Phase 4: Bootstrapping Common Components ============================================================================= [2026-04-20 18:58:11] [INFO] Bootstrapping common cluster components [2026-04-20 18:58:11] [INFO] No preview.env file found at /tmp/tmp.VA2UVYReoU/tmp/infra-deployments/hack/../hack/preview.env - using environment variables only [2026-04-20 18:58:11] [SUBSTEP] Configuring Docker Hub pull secret Configuring the cluster with a pull secret for Docker Hub Saved credentials for docker.io into /tmp/tmp.UEphsisnSz secret/pull-secret data updated Saved credentials for docker.io into /tmp/tmp.UEphsisnSz secret/docker-io-pull created [2026-04-20 18:58:12] [SUCCESS] Docker Hub pull secret configured [2026-04-20 18:58:12] [SUBSTEP] Configuring DORA metrics exporter secrets Setting secrets for Dora metrics exporter namespace/dora-metrics created secret/exporters-secret created [2026-04-20 18:58:12] [SUCCESS] DORA metrics exporter secrets configured [2026-04-20 18:58:12] [SUCCESS] Common cluster bootstrap complete ============================================================================= [2026-04-20 18:58:12] [STEP] Phase 5: Mode-Specific Deployment (preview) ============================================================================= [2026-04-20 18:58:12] [INFO] Deploying preview configuration ============================================================================= [2026-04-20 18:58:12] [STEP] Starting Konflux Preview Environment Setup ============================================================================= [2026-04-20 18:58:12] [INFO] Script: /tmp/tmp.VA2UVYReoU/tmp/infra-deployments/hack/../hack/preview.sh [2026-04-20 18:58:13] [INFO] Options: OBO=false, GRAFANA=false, EAAS=false [2026-04-20 18:58:13] [INFO] Start time: 2026-04-20 18:58:13 UTC ============================================================================= [2026-04-20 18:58:13] [STEP] Cluster Context Information ============================================================================= [2026-04-20 18:58:13] [INFO] OpenShift Version: 4.18.9 [2026-04-20 18:58:13] [INFO] API Server: https://api.kx-d1a7985ec1.n9s3.p3.openshiftapps.com:443 [2026-04-20 18:58:13] [INFO] Cluster ID: 1b147f0e-5874-48d8-98bd-ab1311289110 [2026-04-20 18:58:13] [INFO] Cluster Domain: apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com [2026-04-20 18:58:13] [INFO] Total Nodes: 3 [2026-04-20 18:58:13] [INFO] - Master nodes: 0 [2026-04-20 18:58:13] [INFO] - Worker nodes: 3 [2026-04-20 18:58:14] [SUCCESS] Cluster operators: All healthy [CLUSTER_CONTEXT_JSON] {"ocp_version":"4.18.9","api_server":"https://api.kx-d1a7985ec1.n9s3.p3.openshiftapps.com:443","cluster_id":"1b147f0e-5874-48d8-98bd-ab1311289110","cluster_domain":"apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com","total_nodes":3,"master_nodes":0,"worker_nodes":3,"degraded_operators":0} Switched to a new branch 'preview-main-wlna' [2026-04-20 18:58:14] [SUCCESS] Git environment initialized [2026-04-20 18:58:14] [INFO] - Repository URL: https://github.com/redhat-appstudio-qe/infra-deployments.git [2026-04-20 18:58:14] [INFO] - Source branch: main [2026-04-20 18:58:14] [INFO] - Preview branch: preview-main-wlna [2026-04-20 18:58:14] [INFO] - GitHub org: redhat-appstudio-qe ============================================================================= [2026-04-20 18:58:14] [STEP] Patching ArgoCD application manifests to use fork repository ============================================================================= [2026-04-20 18:58:14] [INFO] Setting repoURL to: https://github.com/redhat-appstudio-qe/infra-deployments.git [2026-04-20 18:58:14] [INFO] Setting targetRevision to: preview-main-wlna [2026-04-20 18:58:14] [SUBSTEP] Patched: application-patch.yaml [2026-04-20 18:58:14] [SUBSTEP] Patched: application-set-patch.yaml [2026-04-20 18:58:14] [SUBSTEP] Patched: application-set-multisrc-src-1-patch.yaml [2026-04-20 18:58:14] [SUCCESS] All ArgoCD patch files updated ============================================================================= [2026-04-20 18:58:14] [STEP] Labeling cluster nodes for Konflux workloads ============================================================================= [2026-04-20 18:58:14] [INFO] Reference: https://github.com/redhat-appstudio/infra-deployments/pull/4415 [2026-04-20 18:58:14] [INFO] Found 3 nodes to label with 'konflux-ci.dev/workload=konflux-tenants' [2026-04-20 18:58:14] [SUBSTEP] Labeling node/ip-10-0-134-199.ec2.internal node/ip-10-0-134-199.ec2.internal labeled [2026-04-20 18:58:14] [SUCCESS] Successfully labeled node/ip-10-0-134-199.ec2.internal [2026-04-20 18:58:14] [SUBSTEP] Labeling node/ip-10-0-156-158.ec2.internal node/ip-10-0-156-158.ec2.internal labeled [2026-04-20 18:58:14] [SUCCESS] Successfully labeled node/ip-10-0-156-158.ec2.internal [2026-04-20 18:58:14] [SUBSTEP] Labeling node/ip-10-0-161-12.ec2.internal node/ip-10-0-161-12.ec2.internal labeled [2026-04-20 18:58:14] [SUCCESS] Successfully labeled node/ip-10-0-161-12.ec2.internal [2026-04-20 18:58:14] [SUBSTEP] Verifying labels on all nodes... [2026-04-20 18:58:15] [SUCCESS] All 3 nodes labeled and verified successfully ============================================================================= [2026-04-20 18:58:15] [STEP] Checking OCP version for Kueue compatibility ============================================================================= [2026-04-20 18:58:15] [INFO] Detected OpenShift Container Platform version: 4.18.9 (minor: 18) [2026-04-20 18:58:15] [SUCCESS] OCP version 4.18.9 meets Kueue requirements - Kueue will be deployed ============================================================================= [2026-04-20 18:58:15] [STEP] Configuring GitHub organization ============================================================================= [2026-04-20 18:58:15] [INFO] Setting GitHub org to: redhat-appstudio-qe [2026-04-20 18:58:15] [INFO] Configuring GitHub organization for Application Service (HAS) [2026-04-20 18:58:15] [INFO] - Target org: redhat-appstudio-qe [2026-04-20 18:58:15] [INFO] - Config file: /tmp/tmp.VA2UVYReoU/tmp/infra-deployments/hack/../components/has/base/kustomization.yaml [2026-04-20 18:58:15] [SUCCESS] GitHub organization set to 'redhat-appstudio-qe' [2026-04-20 18:58:15] [SUCCESS] Verified: Configuration updated correctly [2026-04-20 18:58:15] [SUCCESS] GitHub organization configured ============================================================================= [2026-04-20 18:58:15] [STEP] Configuring Rekor server hostname ============================================================================= [2026-04-20 18:58:15] [INFO] Cluster domain: apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com [2026-04-20 18:58:15] [INFO] Rekor server hostname: rekor.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com [2026-04-20 18:58:15] [SUCCESS] Rekor server hostname configured ============================================================================= [2026-04-20 18:58:15] [STEP] Applying service image overrides from environment variables ============================================================================= [2026-04-20 18:58:15] [INFO] No service image overrides configured - using default images ============================================================================= [2026-04-20 18:58:15] [STEP] Committing and pushing preview changes ============================================================================= [preview-main-wlna ef15aa354] Preview mode, do not merge into main 8 files changed, 15 insertions(+), 21 deletions(-) remote: remote: Create a pull request for 'preview-main-wlna' on GitHub by visiting: remote: https://github.com/redhat-appstudio-qe/infra-deployments/pull/new/preview-main-wlna remote: To https://github.com/redhat-appstudio-qe/infra-deployments.git * [new branch] preview-main-wlna -> preview-main-wlna branch 'preview-main-wlna' set up to track 'qe/preview-main-wlna'. [2026-04-20 18:58:16] [SUCCESS] Preview changes committed and pushed to qe/preview-main-wlna ============================================================================= [2026-04-20 18:58:16] [STEP] Deploying ArgoCD applications ============================================================================= [2026-04-20 18:58:16] [SUBSTEP] Applying root Application from: /tmp/tmp.VA2UVYReoU/tmp/infra-deployments/hack/../argo-cd-apps/app-of-app-sets/development application.argoproj.io/all-application-sets created [2026-04-20 18:58:16] [SUCCESS] Root Application 'all-application-sets' created [2026-04-20 18:58:16] [SUBSTEP] Waiting for 'all-application-sets' to become Healthy and Synced [2026-04-20 18:58:16] [WAITING] Root application status: ' ' (target: 'Healthy Synced') - 5s elapsed [2026-04-20 18:58:22] [WAITING] Root application status: ' ' (target: 'Healthy Synced') - 10s elapsed [2026-04-20 18:58:27] [WAITING] Root application status: 'Healthy OutOfSync' (target: 'Healthy Synced') - 15s elapsed [2026-04-20 18:58:32] [WAITING] Root application status: 'Healthy OutOfSync' (target: 'Healthy Synced') - 20s elapsed [2026-04-20 18:58:37] [SUCCESS] Root application 'all-application-sets' is Healthy and Synced [2026-04-20 18:58:37] [SUBSTEP] Triggering hard refresh on all ArgoCD applications [2026-04-20 18:58:37] [INFO] Found 43 applications to refresh application.argoproj.io/project-controller-in-cluster-local patched application.argoproj.io/build-templates-in-cluster-local patched application.argoproj.io/image-rbac-proxy-in-cluster-local patched application.argoproj.io/all-application-sets patched application.argoproj.io/enterprise-contract-in-cluster-local patched application.argoproj.io/knative-eventing-in-cluster-local patched application.argoproj.io/monitoring-workload-prometheus-in-cluster-local patched application.argoproj.io/has-in-cluster-local patched application.argoproj.io/backup-in-cluster-local patched application.argoproj.io/disaster-recovery-in-cluster-local patched application.argoproj.io/crossplane-control-plane-in-cluster-local patched application.argoproj.io/konflux-info-in-cluster-local patched application.argoproj.io/disable-csvcopy-in-cluster-local patched application.argoproj.io/monitoring-registry-in-cluster-local patched application.argoproj.io/trust-manager-in-cluster-local patched application.argoproj.io/konflux-kite-in-cluster-local patched application.argoproj.io/release-in-cluster-local patched application.argoproj.io/cert-manager-in-cluster-local patched application.argoproj.io/application-api-in-cluster-local patched application.argoproj.io/kueue-in-cluster-local patched application.argoproj.io/integration-in-cluster-local patched application.argoproj.io/squid-in-cluster-local patched application.argoproj.io/image-controller-in-cluster-local patched application.argoproj.io/multi-platform-controller-in-cluster-local patched application.argoproj.io/policies-in-cluster-local patched application.argoproj.io/smee-client-in-cluster-local patched application.argoproj.io/konflux-rbac-in-cluster-local patched application.argoproj.io/kubearchive-in-cluster-local patched application.argoproj.io/pipeline-service-in-cluster-local patched application.argoproj.io/repository-validator-in-cluster-local patched application.argoproj.io/vector-tekton-logs-collector-in-cluster-local patched application.argoproj.io/monitoring-workload-custom-kube-state-metrics-in-cluster-local patched application.argoproj.io/perf-team-prometheus-reader-in-cluster-local patched application.argoproj.io/tracing-workload-otel-collector-in-cluster-local patched application.argoproj.io/tracing-workload-tracing-in-cluster-local patched application.argoproj.io/tempo-in-cluster-local patched application.argoproj.io/kyverno-in-cluster-local patched application.argoproj.io/dora-metrics-in-cluster-local patched application.argoproj.io/monitoring-cardinality-in-cluster-local patched application.argoproj.io/vector-kubearchive-log-collector-in-cluster-local patched (no change) application.argoproj.io/build-service-in-cluster-local patched application.argoproj.io/mintmaker-in-cluster-local patched application.argoproj.io/internal-services-in-cluster-local patched [2026-04-20 18:58:44] [SUCCESS] Hard refresh triggered on all 43 applications [2026-04-20 18:58:44] [SUBSTEP] Waiting for refresh operations to complete [2026-04-20 18:58:44] [PROGRESS] Refresh: 0/43 complete | 43 still refreshing (5s elapsed) [2026-04-20 18:58:49] [PROGRESS] Refresh: 0/43 complete | 43 still refreshing (10s elapsed) [2026-04-20 18:58:55] [PROGRESS] Refresh: 0/43 complete | 43 still refreshing (15s elapsed) [2026-04-20 18:59:00] [PROGRESS] Refresh: 6/43 complete | 37 still refreshing (20s elapsed) [2026-04-20 18:59:05] [PROGRESS] Refresh: 12/43 complete | 31 still refreshing (25s elapsed) [2026-04-20 18:59:11] [PROGRESS] Refresh: 26/43 complete | 17 still refreshing (30s elapsed) [2026-04-20 18:59:16] [PROGRESS] Refresh: 33/43 complete | 10 still refreshing (35s elapsed) [2026-04-20 18:59:21] [PROGRESS] Refresh: 36/43 complete | 7 still refreshing (40s elapsed) [2026-04-20 18:59:27] [PROGRESS] Refresh: 38/43 complete | 5 still refreshing (45s elapsed) [2026-04-20 18:59:32] [PROGRESS] Refresh: 39/43 complete | 4 still refreshing (50s elapsed) [2026-04-20 18:59:38] [PROGRESS] Refresh: 40/43 complete | 3 still refreshing (55s elapsed) [2026-04-20 18:59:43] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (60s elapsed) [2026-04-20 18:59:48] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (65s elapsed) [2026-04-20 18:59:54] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (70s elapsed) [2026-04-20 18:59:59] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (75s elapsed) [2026-04-20 19:00:04] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (80s elapsed) [2026-04-20 19:00:10] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (85s elapsed) [2026-04-20 19:00:15] [PROGRESS] Refresh: 41/43 complete | 2 still refreshing (90s elapsed) [2026-04-20 19:00:20] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (95s elapsed) [2026-04-20 19:00:26] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (100s elapsed) [2026-04-20 19:00:31] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (105s elapsed) [2026-04-20 19:00:36] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (110s elapsed) [2026-04-20 19:00:41] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (115s elapsed) [2026-04-20 19:00:47] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (120s elapsed) [2026-04-20 19:00:52] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (125s elapsed) [2026-04-20 19:00:57] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (130s elapsed) [2026-04-20 19:01:03] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (135s elapsed) [2026-04-20 19:01:08] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (140s elapsed) [2026-04-20 19:01:13] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (145s elapsed) [2026-04-20 19:01:19] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (150s elapsed) [2026-04-20 19:01:24] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (155s elapsed) [2026-04-20 19:01:29] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (160s elapsed) [2026-04-20 19:01:35] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (165s elapsed) [2026-04-20 19:01:40] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (170s elapsed) [2026-04-20 19:01:45] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (175s elapsed) [2026-04-20 19:01:51] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (180s elapsed) [2026-04-20 19:01:56] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (185s elapsed) [2026-04-20 19:02:01] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (190s elapsed) [2026-04-20 19:02:07] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (195s elapsed) [2026-04-20 19:02:12] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (200s elapsed) [2026-04-20 19:02:17] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (205s elapsed) [2026-04-20 19:02:23] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (210s elapsed) [2026-04-20 19:02:28] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (215s elapsed) [2026-04-20 19:02:33] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (220s elapsed) [2026-04-20 19:02:39] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (225s elapsed) [2026-04-20 19:02:44] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (230s elapsed) [2026-04-20 19:02:49] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (235s elapsed) [2026-04-20 19:02:55] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (240s elapsed) [2026-04-20 19:03:00] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (245s elapsed) [2026-04-20 19:03:05] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (250s elapsed) [2026-04-20 19:03:11] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (255s elapsed) [2026-04-20 19:03:16] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (260s elapsed) [2026-04-20 19:03:21] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (265s elapsed) [2026-04-20 19:03:27] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (270s elapsed) [2026-04-20 19:03:32] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (275s elapsed) [2026-04-20 19:03:37] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (280s elapsed) [2026-04-20 19:03:43] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (285s elapsed) [2026-04-20 19:03:48] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (290s elapsed) [2026-04-20 19:03:53] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (295s elapsed) [2026-04-20 19:03:59] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (300s elapsed) [2026-04-20 19:04:04] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (305s elapsed) [2026-04-20 19:04:09] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (310s elapsed) [2026-04-20 19:04:15] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (315s elapsed) [2026-04-20 19:04:20] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (320s elapsed) [2026-04-20 19:04:25] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (325s elapsed) [2026-04-20 19:04:31] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (330s elapsed) [2026-04-20 19:04:36] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (335s elapsed) [2026-04-20 19:04:41] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (340s elapsed) [2026-04-20 19:04:47] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (345s elapsed) [2026-04-20 19:04:52] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (350s elapsed) [2026-04-20 19:04:57] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (355s elapsed) [2026-04-20 19:05:03] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (360s elapsed) [2026-04-20 19:05:08] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (365s elapsed) [2026-04-20 19:05:13] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (370s elapsed) [2026-04-20 19:05:19] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (375s elapsed) [2026-04-20 19:05:24] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (380s elapsed) [2026-04-20 19:05:29] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (385s elapsed) [2026-04-20 19:05:35] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (390s elapsed) [2026-04-20 19:05:40] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (395s elapsed) [2026-04-20 19:05:46] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (400s elapsed) [2026-04-20 19:05:51] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (405s elapsed) [2026-04-20 19:05:56] [PROGRESS] Refresh: 42/43 complete | 1 still refreshing (410s elapsed) [2026-04-20 19:06:02] [SUCCESS] All 43 applications refreshed ============================================================================= [2026-04-20 19:06:02] [STEP] Waiting for all ArgoCD applications to sync and become healthy ============================================================================= [2026-04-20 19:06:02] [INFO] Timeout: 2700 seconds (45 minutes) [2026-04-20 19:06:02] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 0s elapsed) [2026-04-20 19:06:02] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:02] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:06:12] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 10s elapsed) [2026-04-20 19:06:12] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:12] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:06:22] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 20s elapsed) [2026-04-20 19:06:22] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:22] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:06:32] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 30s elapsed) [2026-04-20 19:06:32] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:32] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:06:43] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 40s elapsed) [2026-04-20 19:06:43] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:43] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:06:53] [PROGRESS] Applications: 37/44 ready | 7 pending (0m 51s elapsed) [2026-04-20 19:06:53] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:06:53] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:03] [PROGRESS] Applications: 37/44 ready | 7 pending (1m 1s elapsed) [2026-04-20 19:07:03] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:03] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:13] [PROGRESS] Applications: 37/44 ready | 7 pending (1m 11s elapsed) [2026-04-20 19:07:13] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:13] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:23] [PROGRESS] Applications: 37/44 ready | 7 pending (1m 21s elapsed) [2026-04-20 19:07:23] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:23] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:34] [PROGRESS] Applications: 37/44 ready | 7 pending (1m 31s elapsed) [2026-04-20 19:07:34] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:34] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:44] [PROGRESS] Applications: 37/44 ready | 7 pending (1m 42s elapsed) [2026-04-20 19:07:44] [INFO] Pending: integration-in-cluster-local,internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:44] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:07:54] [PROGRESS] Applications: 38/44 ready | 6 pending (1m 52s elapsed) [2026-04-20 19:07:54] [INFO] Pending: internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:07:54] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:04] [PROGRESS] Applications: 38/44 ready | 6 pending (2m 2s elapsed) [2026-04-20 19:08:04] [INFO] Pending: internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:04] [SUBSTEP] Detailed status of pending applications: [2026-04-20 19:08:04] [INFO] ├─ App: internal-services-in-cluster-local [2026-04-20 19:08:04] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:04] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:08:04] [INFO] │ ├─ Out-of-sync resources: 2 [2026-04-20 19:08:04] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:08:04] [WARN] │ │ └─ CustomResourceDefinition/internalrequests.appstudio.redhat.com: Missing [2026-04-20 19:08:04] [WARN] │ │ └─ CustomResourceDefinition/internalservicesconfigs.appstudio.redhat.com: Missing [2026-04-20 19:08:04] [INFO] │ └─ Message: No message [2026-04-20 19:08:05] [INFO] ├─ App: konflux-kite-in-cluster-local [2026-04-20 19:08:05] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:05] [INFO] │ ├─ Health Status: Healthy [2026-04-20 19:08:05] [INFO] │ ├─ Out-of-sync resources: 1 [2026-04-20 19:08:05] [INFO] │ └─ Message: No message [2026-04-20 19:08:05] [INFO] ├─ App: kubearchive-in-cluster-local [2026-04-20 19:08:05] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:05] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:08:05] [INFO] │ ├─ Out-of-sync resources: 5 [2026-04-20 19:08:05] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/clusterkubearchiveconfigs.kubearchive.org: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/clustervacuumconfigs.kubearchive.org: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/kubearchiveconfigs.kubearchive.org: Missing [2026-04-20 19:08:05] [INFO] │ └─ Message: No message [2026-04-20 19:08:05] [INFO] ├─ App: kyverno-in-cluster-local [2026-04-20 19:08:05] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:05] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:08:05] [INFO] │ ├─ Out-of-sync resources: 17 [2026-04-20 19:08:05] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/cleanuppolicies.kyverno.io: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/clustercleanuppolicies.kyverno.io: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/clusterephemeralreports.reports.kyverno.io: Missing [2026-04-20 19:08:05] [INFO] │ └─ Message: No message [2026-04-20 19:08:05] [INFO] ├─ App: pipeline-service-in-cluster-local [2026-04-20 19:08:05] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:05] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:08:05] [INFO] │ ├─ Out-of-sync resources: 7 [2026-04-20 19:08:05] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:08:05] [WARN] │ │ └─ Service/tekton-results-watcher: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/miniojobs.job.min.io: Missing [2026-04-20 19:08:05] [WARN] │ │ └─ CustomResourceDefinition/policybindings.sts.min.io: Missing [2026-04-20 19:08:06] [INFO] │ └─ Message: No message [2026-04-20 19:08:06] [INFO] ├─ App: trust-manager-in-cluster-local [2026-04-20 19:08:06] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:08:06] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:08:06] [INFO] │ ├─ Out-of-sync resources: 1 [2026-04-20 19:08:06] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:08:06] [WARN] │ │ └─ CustomResourceDefinition/bundles.trust.cert-manager.io: Missing [2026-04-20 19:08:06] [INFO] │ └─ Message: No message [2026-04-20 19:08:06] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:16] [PROGRESS] Applications: 38/44 ready | 6 pending (2m 14s elapsed) [2026-04-20 19:08:16] [INFO] Pending: internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:16] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:26] [PROGRESS] Applications: 38/44 ready | 6 pending (2m 24s elapsed) [2026-04-20 19:08:26] [INFO] Pending: internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:26] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:36] [PROGRESS] Applications: 38/44 ready | 6 pending (2m 34s elapsed) [2026-04-20 19:08:36] [INFO] Pending: internal-services-in-cluster-local,konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:36] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:47] [PROGRESS] Applications: 39/44 ready | 5 pending (2m 44s elapsed) [2026-04-20 19:08:47] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:47] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:08:57] [PROGRESS] Applications: 39/44 ready | 5 pending (2m 55s elapsed) [2026-04-20 19:08:57] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:08:57] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:07] [PROGRESS] Applications: 39/44 ready | 5 pending (3m 5s elapsed) [2026-04-20 19:09:07] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local,trust-manager-in-cluster-local [2026-04-20 19:09:07] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:17] [PROGRESS] Applications: 40/44 ready | 4 pending (3m 15s elapsed) [2026-04-20 19:09:17] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,kyverno-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:09:17] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:27] [PROGRESS] Applications: 41/44 ready | 3 pending (3m 25s elapsed) [2026-04-20 19:09:27] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:09:27] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:38] [PROGRESS] Applications: 41/44 ready | 3 pending (3m 35s elapsed) [2026-04-20 19:09:38] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:09:38] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:48] [PROGRESS] Applications: 41/44 ready | 3 pending (3m 46s elapsed) [2026-04-20 19:09:48] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:09:48] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:09:58] [PROGRESS] Applications: 41/44 ready | 3 pending (3m 56s elapsed) [2026-04-20 19:09:58] [INFO] Pending: konflux-kite-in-cluster-local,kubearchive-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:09:58] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:10:08] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 6s elapsed) [2026-04-20 19:10:08] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:10:08] [SUBSTEP] Detailed status of pending applications: [2026-04-20 19:10:08] [INFO] ├─ App: konflux-kite-in-cluster-local [2026-04-20 19:10:08] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:10:08] [INFO] │ ├─ Health Status: Healthy [2026-04-20 19:10:08] [INFO] │ ├─ Out-of-sync resources: 1 [2026-04-20 19:10:08] [INFO] │ └─ Message: No message [2026-04-20 19:10:09] [INFO] ├─ App: pipeline-service-in-cluster-local [2026-04-20 19:10:09] [INFO] │ ├─ Sync Status: OutOfSync [2026-04-20 19:10:09] [INFO] │ ├─ Health Status: Missing [2026-04-20 19:10:09] [INFO] │ ├─ Out-of-sync resources: 2 [2026-04-20 19:10:09] [WARN] │ ├─ Degraded/Missing resources: [2026-04-20 19:10:09] [WARN] │ │ └─ Service/tekton-results-watcher: Missing [2026-04-20 19:10:09] [WARN] │ │ └─ Deployment/tekton-results-watcher: Missing [2026-04-20 19:10:09] [INFO] │ └─ Message: No message [2026-04-20 19:10:09] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:10:19] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 17s elapsed) [2026-04-20 19:10:19] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:10:19] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:10:29] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 27s elapsed) [2026-04-20 19:10:29] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:10:29] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:10:39] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 37s elapsed) [2026-04-20 19:10:39] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:10:39] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:10:49] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 47s elapsed) [2026-04-20 19:10:49] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:10:49] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:11:00] [PROGRESS] Applications: 42/44 ready | 2 pending (4m 57s elapsed) [2026-04-20 19:11:00] [INFO] Pending: konflux-kite-in-cluster-local,pipeline-service-in-cluster-local [2026-04-20 19:11:00] [WAITING] Waiting 10 seconds before next sync check... [2026-04-20 19:11:10] [PROGRESS] Applications: 44/44 ready | 0 pending (5m 8s elapsed) [2026-04-20 19:11:10] [SUCCESS] All 44 ArgoCD applications are Synced and Healthy in 5m 8s ============================================================================= [2026-04-20 19:11:10] [STEP] Waiting for Tekton components to be ready ============================================================================= [2026-04-20 19:11:10] [INFO] Reference: https://tekton.dev/docs/operator/tektonconfig/#tekton-config [2026-04-20 19:11:10] [INFO] Timeout: 900 seconds (15 minutes) [2026-04-20 19:11:10] [PROGRESS] Tekton readiness check iteration 1: status=True (0m 0s elapsed) [2026-04-20 19:11:10] [SUCCESS] All Tekton components are installed and ready in 0m 0s ============================================================================= [2026-04-20 19:11:10] [STEP] Waiting for Tekton CRDs to be available ============================================================================= [2026-04-20 19:11:10] [PROGRESS] Tekton CRD check attempt 1/5 [2026-04-20 19:11:10] [SUCCESS] All required Tekton CRDs are available: pipelines tasks pipelineruns taskruns ============================================================================= [2026-04-20 19:11:10] [STEP] Configuring Pipelines as Code integration ============================================================================= [2026-04-20 19:11:10] [INFO] ============================================================================= [2026-04-20 19:11:10] [INFO] Pipelines as Code (PAC) Integration Setup [2026-04-20 19:11:10] [INFO] ============================================================================= [2026-04-20 19:11:10] [INFO] PAC Namespace: openshift-pipelines [2026-04-20 19:11:10] [INFO] PAC Secret Name: pipelines-as-code-secret [2026-04-20 19:11:10] [INFO] Integration Namespace: integration-service [2026-04-20 19:11:10] [INFO] Authentication method: GitHub App [2026-04-20 19:11:10] [INFO] - GitHub App ID: 310332 [2026-04-20 19:11:10] [INFO] Using existing QE sprayproxy configuration (webhook secret provided) [2026-04-20 19:11:10] [SUCCESS] GitHub App credentials configured [2026-04-20 19:11:10] [INFO] GitHub token provided via MY_GITHUB_TOKEN (fallback) [2026-04-20 19:11:10] [DEBUG] No GitLab token provided (PAC_GITLAB_TOKEN not set) [2026-04-20 19:11:10] [INFO] Creating required namespaces [2026-04-20 19:11:10] [SUBSTEP] Ensuring namespace 'openshift-pipelines' exists [2026-04-20 19:11:10] [DEBUG] Namespace 'openshift-pipelines' already exists [2026-04-20 19:11:10] [SUBSTEP] Ensuring namespace 'build-service' exists [2026-04-20 19:11:10] [DEBUG] Namespace 'build-service' already exists [2026-04-20 19:11:10] [SUBSTEP] Ensuring namespace 'integration-service' exists [2026-04-20 19:11:11] [DEBUG] Namespace 'integration-service' already exists [2026-04-20 19:11:11] [INFO] Configuring PAC secrets across namespaces [2026-04-20 19:11:11] [SUBSTEP] Creating PAC secret in namespace 'openshift-pipelines' secret/pipelines-as-code-secret created [2026-04-20 19:11:17] [SUCCESS] PAC secret configured in 'openshift-pipelines' [2026-04-20 19:11:17] [SUBSTEP] Creating PAC secret in namespace 'build-service' secret/pipelines-as-code-secret created [2026-04-20 19:11:17] [SUCCESS] PAC secret configured in 'build-service' [2026-04-20 19:11:17] [SUBSTEP] Creating PAC secret in namespace 'integration-service' secret/pipelines-as-code-secret created [2026-04-20 19:11:18] [SUCCESS] PAC secret configured in 'integration-service' [2026-04-20 19:11:18] [SUBSTEP] Creating PAC secret in namespace 'mintmaker' secret/pipelines-as-code-secret created [2026-04-20 19:11:19] [SUCCESS] PAC secret configured in 'mintmaker' [2026-04-20 19:11:19] [INFO] ============================================================================= [2026-04-20 19:11:19] [SUCCESS] PAC Integration Setup Complete [2026-04-20 19:11:19] [INFO] ============================================================================= [2026-04-20 19:11:19] [INFO] Configured namespaces: [2026-04-20 19:11:19] [INFO] - openshift-pipelines (PAC controller) [2026-04-20 19:11:19] [INFO] - build-service (Build Service) [2026-04-20 19:11:19] [INFO] - integration-service (Integration Service) [2026-04-20 19:11:19] [INFO] - mintmaker (Mintmaker) [PAC_SETUP_JSON] {"status":"success","namespaces":["openshift-pipelines","build-service","integration-service","mintmaker"],"github_app_configured":true,"github_token_configured":true,"gitlab_token_configured":false} [2026-04-20 19:11:19] [SUCCESS] Pipelines as Code configured ============================================================================= [2026-04-20 19:11:19] [STEP] Preview Environment Setup Complete ============================================================================= [2026-04-20 19:11:19] [SUCCESS] Konflux preview environment is ready! [2026-04-20 19:11:19] [INFO] - Fork: https://github.com/redhat-appstudio-qe/infra-deployments.git [2026-04-20 19:11:19] [INFO] - Branch: preview-main-wlna [2026-04-20 19:11:19] [INFO] - GitHub Org: redhat-appstudio-qe [2026-04-20 19:11:19] [INFO] - OpenShift Version: 4.18.9 [2026-04-20 19:11:19] [INFO] - End time: 2026-04-20 19:11:19 UTC ============================================================================= [2026-04-20 19:11:19] [STEP] Execution Summary ============================================================================= [2026-04-20 19:11:19] [SUCCESS] Status: SUCCESS [2026-04-20 19:11:19] [INFO] Total Execution Time: 13m 7s (787 seconds) [2026-04-20 19:11:19] [INFO] Applications Deployed: 44 [EXECUTION_SUMMARY_JSON] {"status":"success","total_time_seconds":787,"apps_deployed":44,"ocp_version":"4.18.9","preview_branch":"preview-main-wlna","git_repo":"https://github.com/redhat-appstudio-qe/infra-deployments.git"} Switched to branch 'main' Your branch is up to date with 'upstream/main'. ============================================================================= [2026-04-20 19:11:19] [STEP] Cluster Bootstrap Complete ============================================================================= [2026-04-20 19:11:19] [SUCCESS] Konflux cluster bootstrap finished successfully [2026-04-20 19:11:19] [INFO] - Mode: preview [2026-04-20 19:11:19] [INFO] - Total time: 14m 55s [2026-04-20 19:11:19] [INFO] - End time: 2026-04-20 19:11:19 UTC [BOOTSTRAP_SUMMARY_JSON] {"status":"success","mode":"preview","obo_enabled":false,"eaas_enabled":false,"total_time_seconds":895} [controller-runtime] log.SetLogger(...) was never called; logs will not be displayed. Detected at: > goroutine 97 [running]: > runtime/debug.Stack() > /usr/lib/golang/src/runtime/debug/stack.go:26 +0x5e > sigs.k8s.io/controller-runtime/pkg/log.eventuallyFulfillRoot() > /opt/app-root/src/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.20.2/pkg/log/log.go:60 +0xcd > sigs.k8s.io/controller-runtime/pkg/log.(*delegatingLogSink).WithName(0xc000992b80, {0x3760823, 0x14}) > /opt/app-root/src/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.20.2/pkg/log/deleg.go:147 +0x3e > github.com/go-logr/logr.Logger.WithName({{0x3fdb9c0, 0xc000992b80}, 0x0}, {0x3760823?, 0x0?}) > /opt/app-root/src/go/pkg/mod/github.com/go-logr/logr@v1.4.3/logr.go:345 +0x36 > sigs.k8s.io/controller-runtime/pkg/client.newClient(0x1?, {0x0, 0xc00082c700, {0x0, 0x0}, 0x0, 0x0}) > /opt/app-root/src/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.20.2/pkg/client/client.go:118 +0xdb > sigs.k8s.io/controller-runtime/pkg/client.New(0xc0009ba248?, {0x0, 0xc00082c700, {0x0, 0x0}, 0x0, 0x0}) > /opt/app-root/src/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.20.2/pkg/client/client.go:98 +0x4d > github.com/konflux-ci/e2e-tests/pkg/clients/kubernetes.NewAdminKubernetesClient() > /tmp/tmp.VA2UVYReoU/pkg/clients/kubernetes/client.go:159 +0x8f > github.com/konflux-ci/e2e-tests/pkg/clients/sprayproxy.GetPaCHost() > /tmp/tmp.VA2UVYReoU/pkg/clients/sprayproxy/sprayproxy.go:93 +0x1c > github.com/konflux-ci/e2e-tests/magefiles/rulesengine/repos.registerPacServer() > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/repos/common.go:426 +0x78 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine/repos.init.func8(0xc000958a08?) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/repos/common.go:378 +0x25 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.ActionFunc.Execute(0xc?, 0x373803b?) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:279 +0x19 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*Rule).Apply(...) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:315 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*Rule).Check(0x6138820, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:348 +0xb3 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.All.Check({0x6130760?, 0xc001c35bd8?, 0x2414119?}, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:245 +0x4f > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*Rule).Eval(...) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:308 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*Rule).Check(0x61388e0, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:340 +0x2b > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.All.Check({0x613a560?, 0xc001179c90?, 0x42ee65?}, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:245 +0x4f > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*Rule).Eval(...) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:308 > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*RuleEngine).runLoadedCatalog(0x61710b0, {0xc000cc0008?, 0xc001179e60?, 0x47?}, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:129 +0x11f > github.com/konflux-ci/e2e-tests/magefiles/rulesengine.(*RuleEngine).RunRulesOfCategory(0x61710b0, {0x3732002, 0x2}, 0xc000958a08) > /tmp/tmp.VA2UVYReoU/magefiles/rulesengine/types.go:121 +0x1b4 > main.CI.TestE2E({}) > /tmp/tmp.VA2UVYReoU/magefiles/magefile.go:330 +0x18a > main.main.func20({0x0?, 0x0?}) > /tmp/tmp.VA2UVYReoU/magefiles/mage_output_file.go:877 +0xf > main.main.func12.1() > /tmp/tmp.VA2UVYReoU/magefiles/mage_output_file.go:305 +0x5b > created by main.main.func12 in goroutine 1 > /tmp/tmp.VA2UVYReoU/magefiles/mage_output_file.go:300 +0xbe I0420 19:11:19.495821 19686 common.go:434] Registered PaC server: https://pipelines-as-code-controller-openshift-pipelines.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com I0420 19:11:19.560792 19686 common.go:459] The PaC servers registered in Sprayproxy: https://pipelines-as-code-controller-openshift-pipelines.apps.konflux-4-18-us-west-2-jc9qh.konflux-qe.devcluster.openshift.com, https://pipelines-as-code-controller-openshift-pipelines.apps.rosa.kx-d1a7985ec1.n9s3.p3.openshiftapps.com, https://pipelines-as-code-controller-openshift-pipelines.apps.rosa.kx-f4180e48a9.sfjo.p3.openshiftapps.com, https://pipelines-as-code-controller-openshift-pipelines.apps.konflux-4-18-us-west-2-dq62d.konflux-qe.devcluster.openshift.com I0420 19:11:19.560807 19686 common.go:475] going to create new Tekton bundle remote-build for the purpose of testing multi-platform-controller PR I0420 19:11:19.914650 19686 common.go:516] Found current task ref quay.io/konflux-ci/tekton-catalog/task-buildah:0.9@sha256:62f09c50d552eac57e17638c67e88b0982352a71975858c8ba262bcff293de06 I0420 19:11:19.916863 19686 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712279-kuht -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: buildah-remote-pipeline to image I0420 19:11:21.347248 19686 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712279-kuht: quay.io/redhat-appstudio-qe/test-images@sha256:4bc42ea83cfff47ba1ed8c678b5b0c9c0413742d2b247945ec501a3555a65c3c I0420 19:11:21.347281 19686 common.go:542] SETTING ENV VAR CUSTOM_BUILDAH_REMOTE_PIPELINE_BUILD_BUNDLE_ARM64 to value quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712279-kuht I0420 19:11:21.566360 19686 common.go:516] Found current task ref quay.io/konflux-ci/tekton-catalog/task-buildah:0.9@sha256:62f09c50d552eac57e17638c67e88b0982352a71975858c8ba262bcff293de06 I0420 19:11:21.568467 19686 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712281-tbwj -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: buildah-remote-pipeline to image I0420 19:11:22.753301 19686 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712281-tbwj: quay.io/redhat-appstudio-qe/test-images@sha256:1f5314c1ce088712aaf1d0d1baaf3b4192476738afa970db90b41f4ba06e8702 I0420 19:11:22.753338 19686 common.go:542] SETTING ENV VAR CUSTOM_BUILDAH_REMOTE_PIPELINE_BUILD_BUNDLE_S390X to value quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712281-tbwj I0420 19:11:22.994652 19686 common.go:516] Found current task ref quay.io/konflux-ci/tekton-catalog/task-buildah:0.9@sha256:62f09c50d552eac57e17638c67e88b0982352a71975858c8ba262bcff293de06 I0420 19:11:22.996562 19686 util.go:512] found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712282-feef -> user: redhat-appstudio-qe+redhat_appstudio_quality Creating Tekton Bundle: - Added Pipeline: buildah-remote-pipeline to image I0420 19:11:24.206601 19686 bundle.go:57] image digest for a new tekton bundle quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712282-feef: quay.io/redhat-appstudio-qe/test-images@sha256:ccb106fd5c7f3f68423671149dbd6548fec63c3fd61cd3c39dfc5539f93fa52d I0420 19:11:24.206630 19686 common.go:542] SETTING ENV VAR CUSTOM_BUILDAH_REMOTE_PIPELINE_BUILD_BUNDLE_PPC64LE to value quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712282-feef exec: ginkgo "--seed=1776711374" "--timeout=1h30m0s" "--grace-period=30s" "--output-interceptor-mode=none" "--label-filter=!upgrade-create && !upgrade-verify && !upgrade-cleanup && !release-pipelines && !disaster-recovery" "--no-color" "--json-report=e2e-report.json" "--junit-report=e2e-report.xml" "--procs=20" "--nodes=20" "--p" "--output-dir=/workspace/artifact-dir" "./cmd" "--" go: downloading github.com/konflux-ci/build-service v0.0.0-20240611083846-2dee6cfe6fe4 go: downloading github.com/minio/minio-go/v7 v7.0.99 go: downloading github.com/aws/aws-sdk-go-v2 v1.41.3 go: downloading github.com/IBM/vpc-go-sdk v0.48.0 go: downloading github.com/IBM/go-sdk-core/v5 v5.15.3 go: downloading github.com/aws/aws-sdk-go-v2/config v1.31.3 go: downloading github.com/aws/aws-sdk-go-v2/service/ec2 v1.143.0 go: downloading github.com/go-playground/validator/v10 v10.17.0 go: downloading github.com/go-openapi/strfmt v0.23.0 go: downloading github.com/google/go-github/v45 v45.2.0 go: downloading go.mongodb.org/mongo-driver v1.17.4 go: downloading github.com/go-openapi/errors v0.22.2 go: downloading github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c go: downloading github.com/oklog/ulid v1.3.1 go: downloading github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 go: downloading github.com/klauspost/crc32 v1.3.0 go: downloading github.com/go-ini/ini v1.67.0 go: downloading github.com/minio/crc64nvme v1.1.1 go: downloading github.com/minio/md5-simd v1.1.2 go: downloading github.com/rs/xid v1.6.0 go: downloading github.com/tinylib/msgp v1.6.1 go: downloading github.com/dustin/go-humanize v1.0.1 go: downloading github.com/gabriel-vasile/mimetype v1.4.3 go: downloading github.com/go-playground/universal-translator v0.18.1 go: downloading github.com/leodido/go-urn v1.3.0 go: downloading github.com/aws/smithy-go v1.24.2 go: downloading github.com/aws/aws-sdk-go-v2/credentials v1.18.7 go: downloading github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.4 go: downloading github.com/aws/aws-sdk-go-v2/service/sso v1.28.2 go: downloading github.com/aws/aws-sdk-go-v2/service/ssooidc v1.34.0 go: downloading github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 go: downloading github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 go: downloading github.com/go-playground/locales v0.14.1 go: downloading github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 go: downloading github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 go: downloading github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 go: downloading github.com/philhofer/fwd v1.2.0 Running Suite: Red Hat App Studio E2E tests - /tmp/tmp.VA2UVYReoU/cmd ===================================================================== Random Seed: 1776711374 Will run 367 of 477 specs Running in parallel across 20 processes ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if release CR is created [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_advisories.go:117 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies the advs release pipelinerun is running and succeeds [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_advisories.go:127 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_advisories.go:157 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-advisories pipeline] Rh-advisories happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, rhAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_advisories.go:168 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the release CR is created [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rhtap_service_push.go:150 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies the rhtap release pipelinerun is running and succeeds [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rhtap_service_push.go:160 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rhtap_service_push.go:190 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rhtap-service-push pipeline] Rhtap-service-push happy path Post-release verification verifies if the PR in infra-deployments repo is created/updated [release-pipelines, rhtap-service-push, RhtapServicePush] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rhtap_service_push.go:200 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context points to a file [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:188 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles from specific context [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:199 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params when context is the root directory [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:209 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when context points to a file and a directory [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:218 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params creates Tekton bundles when using negation [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:228 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding HOME environment variable [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:238 ------------------------------ P [PENDING] [task-suite tkn bundle task] creates Tekton bundles with different params allows overriding STEP image [build-templates] /tmp/tmp.VA2UVYReoU/tests/build/tkn-bundle.go:247 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the release CR is created [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_registry_redhat_io.go:108 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR is created for the Snapshot [release-pipelines, rh-push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_external_registry.go:215 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies the rhio release pipelinerun is running and succeeds [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_registry_redhat_io.go:118 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_registry_redhat_io.go:148 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification verifies a release PipelineRun is started and succeeded in managed namespace [release-pipelines, rh-push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_external_registry.go:226 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for rh-push-to-redhat-io pipeline] Rh-push-to-redhat-io happy path Post-release verification verifies if the MR URL is valid [release-pipelines, rh-push-to-registry-redhat-io, PushToRedhatIO] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_registry_redhat_io.go:159 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validate the result of task create-pyxis-image contains image ids [release-pipelines, rh-push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_external_registry.go:233 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the release CR is created [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/multiarch_advisories.go:112 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification tests that Release CR has completed [release-pipelines, rh-push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_external_registry.go:248 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies the multiarch release pipelinerun is running and succeeds [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/multiarch_advisories.go:122 ------------------------------ P [PENDING] [release-pipelines-suite [HACBS-1571]test-release-e2e-push-image-to-pyxis] Post-release verification validates that imageIds from task create-pyxis-image exist in Pyxis. [release-pipelines, rh-push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/rh_push_to_external_registry.go:265 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/multiarch_advisories.go:152 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for multi arch with rh-advisories pipeline] Multi arch test happy path Post-release verification verifies if the repository URL is valid [release-pipelines, rh-advisories, multiarch-advisories, multiArchAdvisories] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/multiarch_advisories.go:163 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-host-pool] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:120 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-host-pool] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:124 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-host-pool] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:127 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-host-pool] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:148 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws host-pool allocation when the Component with multi-platform-build is created test that cleanup happened successfully [multi-platform, aws-host-pool] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:152 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, aws-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:251 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if release CR is created [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/release_to_github.go:138 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, aws-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:255 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies the release pipelinerun is running and succeeds [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/release_to_github.go:148 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, aws-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:259 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/release_to_github.go:181 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, aws-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:263 ------------------------------ P [PENDING] [release-pipelines-suite e2e tests for release-to-github pipeline] Release-to-github happy path Post-release verification verifies if the Release exists in github repo [release-pipelines, release-to-github, releaseToGithub] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/release_to_github.go:192 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] aws dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, aws-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:267 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmz-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:341 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmz-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:345 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmz-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:349 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmz-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:353 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm system z dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmz-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:357 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created a PipelineRun is triggered [multi-platform, ibmp-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:432 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created the build-container task from component pipelinerun is buildah-remote [multi-platform, ibmp-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:436 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created The multi platform secret is populated [multi-platform, ibmp-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:440 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created that PipelineRun completes successfully [multi-platform, ibmp-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:444 ------------------------------ P [PENDING] [multi-platform-build-service-suite Multi Platform Controller E2E tests] ibm power pc dynamic allocation when the Component with multi-platform-build is created check cleanup happened successfully [multi-platform, ibmp-dynamic] /tmp/tmp.VA2UVYReoU/tests/build/multi-platform.go:448 ------------------------------ SSS ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release CR should have been created in the dev namespace [release-pipelines, push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/push_to_external_registry.go:157 ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that Release PipelineRun should eventually succeed [release-pipelines, push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/push_to_external_registry.go:164 ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification tests if the image was pushed to quay [release-pipelines, push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/push_to_external_registry.go:168 ------------------------------ P [PENDING] [release-pipelines-suite Push to external registry] Post-release verification verifies that a Release is marked as succeeded. [release-pipelines, push-to-external-registry] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/push_to_external_registry.go:175 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:123 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:128 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:132 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC happy path Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHappyPath] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:136 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:178 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:183 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:187 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC Staged Index Post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcStagedIndex] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:191 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:233 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:238 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:242 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC hotfix process FBC hotfix post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcHotfix] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:246 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification creates component from git source https://github.com/redhat-appstudio-qe/fbc-sample-repo-test [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:286 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification Creates a push snapshot for a release [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:291 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies the fbc release pipelinerun is running and succeeds [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:295 ------------------------------ P [PENDING] [release-pipelines-suite FBC e2e-tests] with FBC pre-GA process FBC pre-GA post-release verification verifies release CR completed and set succeeded. [release-pipelines, fbc-release, fbcPreGA] /tmp/tmp.VA2UVYReoU/tests/release/pipelines/fbc_release.go:299 ------------------------------ • [FAILED] [23.519 seconds] [integration-service-suite Gitlab Status Reporting of Integration tests] Gitlab with status reporting of Integration tests in the assosiated merge request [BeforeAll] when a new Component with specified custom branch is created triggers a Build PipelineRun [integration-service, gitlab-status-reporting, custom-branch] [BeforeAll] /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:45 [It] /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:130 Timeline >> [FAILED] in [BeforeAll] - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:68 @ 04/20/26 19:14:23.365 [FAILED] in [AfterAll] - /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:97 @ 04/20/26 19:14:23.622 << Timeline [FAILED] Unexpected error: <*errors.StatusError | 0xc0027df720>: admission webhook "dintegrationtestscenario.kb.io" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq' { ErrStatus: { TypeMeta: {Kind: "", APIVersion: ""}, ListMeta: { SelfLink: "", ResourceVersion: "", Continue: "", RemainingItemCount: nil, }, Status: "Failure", Message: "admission webhook \"dintegrationtestscenario.kb.io\" denied the request: could not find application 'integ-app-pluz' in namespace 'gitlab-rep-hayq'", Reason: "Forbidden", Details: nil, Code: 403, }, } occurred In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:68 @ 04/20/26 19:14:23.365 There were additional failures detected. To view them in detail run ginkgo -vv ------------------------------ SSSSSSSSSSSSSSSSSSSSS•••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••• ------------------------------ • [FAILED] [43.493 seconds] [enterprise-contract-suite Conforma E2E tests] test creating and signing an image and task verify-enterprise-contract task [It] succeeds when policy is met [ec, pipeline] /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:177 Timeline >> Copy public key from openshift-pipelines/signing-secrets to a new secret Configured Rekor host: https://rekor.sigstore.dev Using verify EC task bundle: quay.io/conforma/tekton-task:kf-cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a@sha256:3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 Creating Pipeline "verify-enterprise-contract-run-w2tln" Waiting for pipeline "verify-enterprise-contract-run-w2tln" to finish *** TaskRun status: artifacts: {} completionTime: "2026-04-20T19:19:10Z" conditions: - lastTransitionTime: "2026-04-20T19:19:10Z" message: '"step-show-config" exited with code 2: Error' reason: Failed status: "False" type: Succeeded podName: verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod provenance: featureFlags: awaitSidecarReadiness: true coschedule: workspaces enableAPIFields: alpha enableParamEnum: true enableProvenanceInStatus: true enforceNonfalsifiability: none maxResultSize: 4096 resultExtractionMethod: termination-message runningInEnvWithInjectedSidecars: true verificationNoMatchPolicy: ignore refSource: digest: sha256: 3801e78906a70b6dcf850a063cd90b8f5a785b3b54e39ba04630268b08703048 entryPoint: verify-enterprise-contract uri: quay.io/conforma/tekton-task spanContext: traceparent: 00-56648284d71d959fe24e226a1e3df9d0-752ed45df5394c41-01 startTime: "2026-04-20T19:18:28Z" steps: - container: step-initialize-tuf imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf provenance: {} terminated: containerID: cri-o://5e836c6659f2734a6de486d0524a2baae1dd769c81b45bec3a3604296910b916 exitCode: 0 finishedAt: "2026-04-20T19:19:03Z" reason: Completed startedAt: "2026-04-20T19:19:03Z" terminationReason: Skipped - container: step-reduce imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce provenance: {} terminated: containerID: cri-o://e5a273d834203f5de88f0a538f64271d153e734703a0085c39522d85ec893e3c exitCode: 0 finishedAt: "2026-04-20T19:19:03Z" reason: Completed startedAt: "2026-04-20T19:19:03Z" terminationReason: Completed - container: step-validate imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate provenance: {} terminated: containerID: cri-o://62df43b7d40d2b2c10315af6914e7f45aea8e5318a9a934477862f2db0ff6489 exitCode: 1 finishedAt: "2026-04-20T19:19:08Z" reason: Completed startedAt: "2026-04-20T19:19:04Z" terminationReason: Continued - container: step-report-json imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json provenance: {} terminated: containerID: cri-o://84ad9c669f4d0254ca7d2b32e5d7c8821b93a1badb270909d67e0a698d7b7426 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-summary imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary provenance: {} terminated: containerID: cri-o://23c7226f71db1143c020675687a9cf61cf6dac886b5b32f1a02acf8a2cc0b248 exitCode: 2 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Continued - container: step-info imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info provenance: {} terminated: containerID: cri-o://514efe0ba3fd7ffb9ea2faab9503300a94599c68b663014884e8fc437d0e3445 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-version imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version provenance: {} terminated: containerID: cri-o://7e255a68435e5825c1973c85c8a3553c90b5fea9504f3dead8b64f99cf06ba39 exitCode: 0 finishedAt: "2026-04-20T19:19:09Z" reason: Completed startedAt: "2026-04-20T19:19:09Z" terminationReason: Completed - container: step-show-config imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config provenance: {} terminated: containerID: cri-o://7806cf66728eb18729c319c10f587dec0b83c8d42bc01a83cd4cb6a54dc35139 exitCode: 2 finishedAt: "2026-04-20T19:19:09Z" reason: Error startedAt: "2026-04-20T19:19:09Z" terminationReason: Error - container: step-assert imageID: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert provenance: {} terminated: containerID: cri-o://01726e11d3293569b926c510a2cc546b4cf59180151374b1911053523215770f exitCode: 1 finishedAt: "2026-04-20T19:19:09Z" reason: Error startedAt: "2026-04-20T19:19:09Z" terminationReason: Skipped taskSpec: description: Verify the enterprise contract is met params: - description: | Spec section of an ApplicationSnapshot resource. Not all fields of the resource are required. A minimal example: ```json { "components": [ { "containerImage": "quay.io/example/repo:latest" } ] } ``` Each `containerImage` in the `components` array is validated. name: IMAGES type: string - default: enterprise-contract-service/default description: | Name of the policy configuration (EnterpriseContractPolicy resource) to use. `namespace/name` or `name` syntax supported. If namespace is omitted the namespace where the task runs is used. You can also specify a policy configuration using a git url, e.g. `github.com/conforma/config//slsa3`. name: POLICY_CONFIGURATION type: string - default: "" description: Public key used to verify signatures. Must be a valid k8s cosign reference, e.g. k8s://my-space/my-secret where my-secret contains the expected cosign.pub attribute. name: PUBLIC_KEY type: string - default: "" description: Rekor host for transparency log lookups name: REKOR_HOST type: string - default: "false" description: Skip Rekor transparency log checks during validation. name: IGNORE_REKOR type: string - default: "" description: TUF mirror URL. Provide a value when NOT using public sigstore deployment. name: TUF_MIRROR type: string - default: "" description: | Path to a directory containing SSL certs to be used when communicating with external services. This is useful when using the integrated registry and a local instance of Rekor on a development cluster which may use certificates issued by a not-commonly trusted root CA. In such cases, `/var/run/secrets/kubernetes.io/serviceaccount` is a good value. Multiple paths can be provided by using the `:` separator. name: SSL_CERT_DIR type: string - default: trusted-ca description: The name of the ConfigMap to read CA bundle data from. name: CA_TRUST_CONFIGMAP_NAME type: string - default: ca-bundle.crt description: The name of the key in the ConfigMap that contains the CA bundle data. name: CA_TRUST_CONFIG_MAP_KEY type: string - default: "true" description: Include rule titles and descriptions in the output. Set to `"false"` to disable it. name: INFO type: string - default: "true" description: Fail the task if policy fails. Set to `"false"` to disable it. name: STRICT type: string - default: /tekton/home description: Value for the HOME environment variable. name: HOMEDIR type: string - default: now description: Run policy checks with the provided time. name: EFFECTIVE_TIME type: string - default: "" description: Merge additional Rego variables into the policy data. Use syntax "key=value,key2=value2..." name: EXTRA_RULE_DATA type: string - default: "" description: | This param is deprecated and will be removed in future. Its value is ignored. EC will be run without a timeout. (If you do want to apply a timeout use the Tekton task timeout.) name: TIMEOUT type: string - default: "1" description: Number of parallel workers to use for policy evaluation. name: WORKERS type: string - default: "false" description: Reduce the Snapshot to only the component whose build caused the Snapshot to be created name: SINGLE_COMPONENT type: string - default: unknown description: | Name, including kind, of the Kubernetes resource to query for labels when single component mode is enabled, e.g. pr/somepipeline. name: SINGLE_COMPONENT_CUSTOM_RESOURCE type: string - default: "" description: | Kubernetes namespace where the SINGLE_COMPONENT_NAME is found. Only used when single component mode is enabled. name: SINGLE_COMPONENT_CUSTOM_RESOURCE_NS type: string results: - description: Short summary of the policy evaluation for each image name: TEST_OUTPUT type: string stepTemplate: computeResources: {} env: - name: HOME value: /tekton/home steps: - args: - sigstore - initialize - --mirror - "" - --root - /root.json command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: initialize-tuf when: - operator: notin values: - "" - command: - reduce-snapshot.sh computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi env: - name: SNAPSHOT value: '{"application":"","components":[{"name":"","containerImage":"quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c","source":{}}],"artifacts":{}}' - name: SINGLE_COMPONENT value: "false" - name: CUSTOM_RESOURCE value: unknown - name: CUSTOM_RESOURCE_NAMESPACE - name: SNAPSHOT_PATH value: /tekton/home/snapshot.json image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: reduce onError: continue - args: - validate - image - --images - /tekton/home/snapshot.json - --policy - ec-policy - --public-key - k8s://chains-e2e-mdkj/cosign-public-key - --rekor-url - "" - --ignore-rekor=true - --workers - "1" - --info=true - --timeout=100h - --strict=false - --show-successes - --effective-time=now - --extra-rule-data= - --output - text?show-successes=false - --output - appstudio=/tekton/results/TEST_OUTPUT - --output - json=/tekton/home/report-json.json command: - ec computeResources: limits: memory: 2Gi requests: cpu: 1800m memory: 2Gi env: - name: SSL_CERT_DIR value: /tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts:/var/run/secrets/kubernetes.io/serviceaccount - name: EC_CACHE value: "false" image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: validate onError: continue volumeMounts: - mountPath: /etc/pki/tls/certs/ca-custom-bundle.crt name: trusted-ca readOnly: true subPath: ca-bundle.crt - args: - jq . /tekton/home/report-json.json | awk '{gsub(/^ +/, ""); acc += length; if (acc >= 8000) { printf "\n"; acc=length } printf $0 }' command: - sh - -c computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: report-json onError: continue - args: - . - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: summary onError: continue - args: - | ----- DEBUG OUTPUT ----- command: - printf computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: info - args: - version command: - ec computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: version - args: - '{policy: .policy, key: .key, "effective-time": .["effective-time"]}' - /tekton/home/report-json.json command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: show-config - args: - --argjson - strict - "true" - -e - | .result == "SUCCESS" or .result == "WARNING" or ($strict | not) - /tekton/results/TEST_OUTPUT command: - jq computeResources: limits: memory: 256Mi requests: cpu: 100m memory: 256Mi image: quay.io/conforma/cli@sha256:9275ec5f062399135ecb3f54f520ee5f20e818a846c34250e0d417dce9221459 name: assert volumes: - configMap: items: - key: ca-bundle.crt path: ca-bundle.crt name: trusted-ca optional: true name: trusted-ca workspaces: - description: The workspace where the snapshot spec json file resides name: data optional: true *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-initialize-tuf': ----- START -----2026/04/20 19:19:03 INFO Step was skipped due to when expressions were evaluated to false. ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-reduce': ----- START -----Single Component mode? false { "application": "", "components": [ { "name": "", "containerImage": "quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c", "source": {} } ], "artifacts": {} } ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-validate': ----- START -----Error: error validating image quay.io/redhat-appstudio-qe/test-images:buildah-demo-hfropftayf@sha256:f7879ac0d584ab8a184e5d7f8bf7bdc39e48560c80bb0f2163e21be1c5f9227c of component : load: loading policies: get compiler: 5 errors occurred: /tmp/ec-work-620744388/policy/ecc96998b/policy/lib/sbom/sbom.rego:88: rego_type_error: undefined function ec.oci.image_referrers /tmp/ec-work-620744388/policy/ecc96998b/policy/lib/sbom/sbom.rego:98: rego_type_error: undefined function ec.oci.image_tag_refs /tmp/ec-work-620744388/policy/ecc96998b/policy/release/slsa_build_scripted_build/slsa_build_scripted_build.rego:23: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-620744388/policy/ecc96998b/policy/release/tasks/tasks.rego:37: rego_type_error: undefined function ec.oci.image_manifests /tmp/ec-work-620744388/policy/ecc96998b/policy/release/trusted_task/trusted_task.rego:23: rego_type_error: undefined function ec.oci.image_manifests ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-report-json': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-summary': ----- START -----jq: error: Could not open file /tekton/results/TEST_OUTPUT: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-info': ----- START ---------- DEBUG OUTPUT ----- ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-version': ----- START -----Version v0.7.111 Source ID cdfd9188f9352d7269ae1fe8c273a9e67f60ab8a Change date 2025-07-09 12:58:49 +0000 UTC (40 weeks ago) ECC v0.1.112 OPA v0.70.0 Conftest v0.55.0 Cosign v2.4.1 Sigstore v1.8.9 Rekor v1.3.6 Tekton Pipeline v0.63.0 Kubernetes Client v0.31.0 ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-show-config': ----- START -----jq: error: Could not open file /tekton/home/report-json.json: No such file or directory ----- END ----- *** Logs from pod 'verify-enterprise-contract-ff10333682fc0172b279ea64b944c06b-pod', container 'step-assert': ----- START -----2026/04/20 19:19:09 Skipping step because a previous step failed ----- END ----- Make sure TaskRun verify-enterprise-contract of PipelineRun verify-enterprise-contract-run-w2tln succeeded [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:190 @ 04/20/26 19:19:10.973 << Timeline [FAILED] Expected : false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:190 @ 04/20/26 19:19:10.973 ------------------------------ SSSSSSSS• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test build secret lookup when two secrets are created when second component is deleted, pac pr branch should not exist in the repo [build-service, github, pac-build, secret-lookup] /tmp/tmp.VA2UVYReoU/tests/build/secret_lookup.go:206 ------------------------------ • [FAILED] [355.076 seconds] [konflux-demo-suite] Maven project - Default build when Component is created [It] triggers creation of a PR in the sample repo [konflux, upstream-konflux] /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:259 Timeline >> "level"=0 "msg"="Konflux demo: waiting for PaC PRrepohacbs-test-project-konflux-demopacBranchNamekonflux-konflux-demo-component-cetn" "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "msg"="Konflux demo: could not get the expected PaC branch name konflux-konflux-demo-component-cetn (found 14 PRs)" "error"=null "level"=0 "msg"="Konflux demo: PaC PR createdprNumber29098prSHAa53086642bd14d49e0aef569838a1c1525e9a348" "level"=0 "msg"="Konflux demo: waiting for pull-request PipelineRun to appear (will delete it)componentkonflux-demo-component-cetnprSHAa53086642bd14d49e0aef569838a1c1525e9a348" PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn PipelineRun not found yet for component konflux-mdyp/konflux-demo-component-cetn prSHA a53086642bd14d49e0aef569838a1c1525e9a348: no pipelinerun found for component konflux-demo-component-cetn [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:294 @ 04/20/26 19:21:03.747 << Timeline [FAILED] Timed out after 300.001s. timed out when waiting for `pull-request` event type PaC PipelineRun to be present in the user namespace "konflux-mdyp" for component "konflux-demo-component-cetn" with a label pointing to "konflux-demo-app" Expected success, but got an error: <*errors.errorString | 0xc001b98a60>: no pipelinerun found for component konflux-demo-component-cetn { s: "no pipelinerun found for component konflux-demo-component-cetn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:294 @ 04/20/26 19:21:03.747 ------------------------------ SSSSSSSSSSSSSSSS••••••••••••••••• ------------------------------ • [FAILED] [901.745 seconds] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] with status reporting of Integration tests in CheckRuns when we start creation of a new Component A [It] triggers a Build PipelineRun for componentA go-component [integration-service, group-snapshot-creation] /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:213 Timeline >> Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn Build PipelineRun has not been created yet for the componentA group-rtpt/go-component-ceunjn [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:224 @ 04/20/26 19:29:29.347 << Timeline [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the componentA group-rtpt/go-component-ceunjn Expected success, but got an error: <*errors.errorString | 0xc00174c530>: no pipelinerun found for component go-component-ceunjn { s: "no pipelinerun found for component go-component-ceunjn", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:224 @ 04/20/26 19:29:29.347 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ • [FAILED] [953.438 seconds] [integration-service-suite Status Reporting of Integration tests] with status reporting of Integration tests in CheckRuns [BeforeAll] when a new Component with specified custom branch is created does not contain an annotation with a Snapshot Name [integration-service, github-status-reporting, custom-branch] [BeforeAll] /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:45 [It] /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:109 Timeline >> Image repository for component test-component-pac-tupjqc in namespace stat-rep-qmrx do not have right state ('' != 'ready') yet but it has status { { } { } []}. Image repository for component test-component-pac-tupjqc in namespace stat-rep-qmrx do not have right state ('' != 'ready') yet but it has status { { } { } []}. Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc Build PipelineRun has not been created yet for the component stat-rep-qmrx/test-component-pac-tupjqc [FAILED] in [BeforeAll] - /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:86 @ 04/20/26 19:29:53.03 << Timeline [FAILED] Timed out after 900.001s. timed out when waiting for the build PipelineRun to start for the component stat-rep-qmrx/test-component-pac-tupjqc Expected success, but got an error: <*errors.errorString | 0xc00170c910>: no pipelinerun found for component test-component-pac-tupjqc { s: "no pipelinerun found for component test-component-pac-tupjqc", } In [BeforeAll] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:86 @ 04/20/26 19:29:53.03 ------------------------------ SSSSSSSSSSSSSSSSSSSSSS ------------------------------ • [FAILED] [1005.628 seconds] [integration-service-suite Forgejo Status Reporting of Integration tests] Forgejo with status reporting of Integration tests in the associated merge request when a new Component with specified custom branch is created [It] should lead to build PipelineRun finishing successfully [integration-service, forgejo-status-reporting, custom-branch] /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:229 Timeline >> PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg found for Component forgejo-rep-ccja/test-comp-pac-forgejo-utvouv PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-zb4tg reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun test-comp-pac-forgejo-utvouv-on-pull-request-48gpr reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Running PipelineRun my-integration-test-cckl-v9cr8 reason: Failed attempt 1/3: PipelineRun "my-integration-test-cckl-v9cr8" failed: pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-init-pod | init container: prepare 2026/04/20 19:15:18 Entrypoint initialization pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-init-pod | container step-init: time="2026-04-20T19:15:20Z" level=info msg="Using in-cluster config" logger=KubeClient time="2026-04-20T19:15:20Z" level=info msg="[param] enable: false" time="2026-04-20T19:15:20Z" level=info msg="[param] default-http-proxy: squid.caching.svc.cluster.local:3128" time="2026-04-20T19:15:20Z" level=info msg="[param] default-no-proxy: brew.registry.redhat.io,docker.io,gcr.io,ghcr.io,images.paas.redhat.com,mirror.gcr.io,nvcr.io,quay.io,registry-proxy.engineering.redhat.com,registry.access.redhat.com,registry.ci.openshift.org,registry.fedoraproject.org,registry.redhat.io,registry.stage.redhat.io,vault.habana.ai" time="2026-04-20T19:15:20Z" level=info msg="[param] http-proxy-result-path: /tekton/results/http-proxy" time="2026-04-20T19:15:20Z" level=info msg="[param] no-proxy-result-path: /tekton/results/no-proxy" time="2026-04-20T19:15:20Z" level=info msg="Cache proxy is disabled in param or in backend" time="2026-04-20T19:15:20Z" level=info msg="[result] HTTP PROXY: " time="2026-04-20T19:15:20Z" level=info msg="[result] NO PROXY: " pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | init container: prepare 2026/04/20 19:22:04 Entrypoint initialization pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | init container: place-scripts 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-0-b5sgb 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-1-r4t5h 2026/04/20 19:22:05 Decoded script /tekton/scripts/script-2-25kkm pod: test-comp-pac-forgejo-utvouv-on-pull-request-48gpr-tpa-scan-pod | container step-get-vulnerabilities: Inspecting raw image manifest quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv@sha256:1f9c2afcd1335d6e969ddc78b60565f7f5207d8b2e581461d596e85cda2840a1. Selecting auth Using token for quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv Selecting auth Using token for quay.io/redhat-appstudio-qe/forgejo-rep-ccja/test-comp-pac-forgejo-utvouv WARNING: SBOM attachments are deprecated and support will be removed in a Cosign release soon after 2024-02-22 (see https://github.com/sigstore/cosign/issues/2755). Instead, please use SBOM attestations. WARNING: Downloading SBOMs this way does not ensure its authenticity. If you want to ensure a tamper-proof SBOM, download it using 'cosign download attestation '. Found SBOM of media type: text/spdx+json Running TPA scan on amd64 image manifest... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0{ "scanned" : { "total" : 152, "direct" : 25, "transitive" : 127 }, "providers" : { "rhtpa" : { "status" : { "ok" : true, "name" : "rhtpa", "code" : 200, "message" : "OK", "warnings" : { "pkg:maven/io.github.stuartwdouglas.hacbstest.Main/hacbs-test" : [ "Unable to process: missing version component" ] } }, "sources" : { "osv-github" : { "summary" : { "direct" : 2, "transitive" : 0, "total" : 2, "dependencies" : 1, "critical" : 0, "high" : 2, "medium" : 0, "low" : 0, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:pypi/setuptools@39.2.0", "issues" : [ { "id" : "CVE-2024-6345", "source" : "osv-github", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "osv-github", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "transitive" : [ ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "osv-github", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } } ] }, "redhat-csaf" : { "summary" : { "direct" : 50, "transitive" : 338, "total" : 388, "dependencies" : 57, "critical" : 7, "high" : 134, "medium" : 228, "low" : 19, "remediations" : 0, "recommendations" : 0, "unscanned" : 0 }, "dependencies" : [ { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2025-47273", "title" : "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-47273" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64&distro=rhel-8.10&upstream=expat-2.5.0-1.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false }, { "id" : "CVE-2024-28757", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-28757" ], "unique" : false }, { "id" : "CVE-2024-45490", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45490" ], "unique" : false }, { "id" : "CVE-2024-45491", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45491" ], "unique" : false }, { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2024-45492", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-45492" ], "unique" : false }, { "id" : "CVE-2024-50602", "title" : "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-50602" ], "unique" : false }, { "id" : "CVE-2025-59375", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtirpc-1.1.4-12.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch&distro=rhel-8.10&upstream=python-pip-9.0.3-24.el8.src.rpm", "issues" : [ { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/openldap@2.4.46-21.el8_10?arch=x86_64&distro=rhel-8.10&upstream=openldap-2.4.46-21.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-2953", "title" : "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-2953" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/java-17-openjdk-headless@17.0.18.0.8-1.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=java-17-openjdk-17.0.18.0.8-1.el8.src.rpm", "issues" : [ { "id" : "CVE-2026-21945", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2026-21945" ], "unique" : false }, { "id" : "CVE-2025-64720", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-64720" ], "unique" : false }, { "id" : "CVE-2025-65018", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-65018" ], "unique" : false }, { "id" : "CVE-2026-21933", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2026-21933" ], "unique" : false }, { "id" : "CVE-2026-21925", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2026-21925" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/krb5-libs@1.18.2-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=krb5-1.18.2-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false }, { "id" : "CVE-2022-42898", "title" : "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42898" ], "unique" : false }, { "id" : "CVE-2023-39975", "title" : "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2023-39975" ], "unique" : false }, { "id" : "CVE-2024-26462", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-26462" ], "unique" : false }, { "id" : "CVE-2024-37370", "title" : "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-37370" ], "unique" : false }, { "id" : "CVE-2020-17049", "title" : "Kerberos KDC Security Feature Bypass Vulnerability", "source" : "redhat-csaf", "cvssScore" : 7.2, "severity" : "HIGH", "cves" : [ "CVE-2020-17049" ], "unique" : false }, { "id" : "CVE-2023-36054", "title" : "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-36054" ], "unique" : false }, { "id" : "CVE-2024-37371", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-37371" ], "unique" : false }, { "id" : "CVE-2025-24528", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-24528" ], "unique" : false }, { "id" : "CVE-2024-26458", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26458" ], "unique" : false }, { "id" : "CVE-2024-26461", "title" : "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-26461" ], "unique" : false }, { "id" : "CVE-2025-3576", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-3576" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-3596", "source" : "redhat-csaf", "cvssScore" : 9.0, "severity" : "CRITICAL", "cves" : [ "CVE-2024-3596" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-setuptools-wheel@39.2.0-9.el8_10?arch=noarch&distro=rhel-8.10&upstream=python-setuptools-39.2.0-9.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false }, { "id" : "CVE-2025-47273", "title" : "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-47273" ], "unique" : false }, { "id" : "CVE-2022-40897", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-40897" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-6345", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-6345" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-minimal-langpack@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-15281", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15281" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/glibc-common@2.28-251.el8_10.31?arch=x86_64&distro=rhel-8.10&upstream=glibc-2.28-251.el8_10.31.src.rpm", "issues" : [ { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false }, { "id" : "CVE-2026-0861", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2026-0861" ], "unique" : false }, { "id" : "CVE-2023-4911", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-4911" ], "unique" : false }, { "id" : "CVE-2024-33599", "title" : "nscd: Stack-based buffer overflow in netgroup cache", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-33599" ], "unique" : false }, { "id" : "CVE-2025-4802", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2025-4802" ], "unique" : false }, { "id" : "CVE-2023-4527", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4527" ], "unique" : false }, { "id" : "CVE-2023-4806", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4806" ], "unique" : false }, { "id" : "CVE-2023-4813", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-4813" ], "unique" : false }, { "id" : "CVE-2025-5702", "title" : "The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program.", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-5702" ], "unique" : false }, { "id" : "CVE-2025-0395", "title" : "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0395" ], "unique" : false }, { "id" : "CVE-2024-33600", "title" : "nscd: Null pointer crashes after notfound response", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33600" ], "unique" : false }, { "id" : "CVE-2026-0915", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0915" ], "unique" : false }, { "id" : "CVE-2025-8058", "source" : "redhat-csaf", "cvssScore" : 4.2, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8058" ], "unique" : false }, { "id" : "CVE-2024-33601", "title" : "nscd: netgroup cache may terminate daemon on memory allocation failure", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33601" ], "unique" : false }, { "id" : "CVE-2024-33602", "title" : "nscd: netgroup cache assumes NSS callback uses in-buffer strings", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-33602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2961", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2024-2961" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/javapackages-filesystem@5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6?arch=noarch&distro=rhel-8.10&upstream=javapackages-tools-5.3.0-1.module%2Bel8%2B2447%2B6f56d9a6.src.rpm", "issues" : [ { "id" : "CVE-2025-48734", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2025-48734" ], "unique" : false }, { "id" : "CVE-2019-10086", "title" : "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2019-10086" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-48734", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2025-48734" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/xz-libs@5.2.4-4.el8_6?arch=x86_64&distro=rhel-8.10&upstream=xz-5.2.4-4.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false }, { "id" : "CVE-2025-31115", "title" : "XZ has a heap-use-after-free bug in threaded .xz decoder", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-31115" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1271", "title" : "An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.", "source" : "redhat-csaf", "cvssScore" : 8.8, "severity" : "HIGH", "cves" : [ "CVE-2022-1271" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-libs@3.6.8-75.el8_10?arch=x86_64&distro=rhel-8.10&upstream=python3-3.6.8-75.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false }, { "id" : "CVE-2022-42919", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2022-42919" ], "unique" : false }, { "id" : "CVE-2023-6597", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-6597" ], "unique" : false }, { "id" : "CVE-2015-20107", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2015-20107" ], "unique" : false }, { "id" : "CVE-2024-12718", "title" : "Bypass extraction filter to modify file metadata outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2024-12718" ], "unique" : false }, { "id" : "CVE-2025-4517", "title" : "Arbitrary writes via tarfile realpath overflow", "source" : "redhat-csaf", "cvssScore" : 7.6, "severity" : "HIGH", "cves" : [ "CVE-2025-4517" ], "unique" : false }, { "id" : "CVE-2020-10735", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2020-10735" ], "unique" : false }, { "id" : "CVE-2022-45061", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-45061" ], "unique" : false }, { "id" : "CVE-2023-24329", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-24329" ], "unique" : false }, { "id" : "CVE-2024-6232", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-6232" ], "unique" : false }, { "id" : "CVE-2025-12084", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-12084" ], "unique" : false }, { "id" : "CVE-2025-4138", "title" : "Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4138" ], "unique" : false }, { "id" : "CVE-2025-4435", "title" : "Tarfile extracts filtered members when errorlevel=0", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-4435" ], "unique" : false }, { "id" : "CVE-2025-8194", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2025-8194" ], "unique" : false }, { "id" : "CVE-2021-28861", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2021-28861" ], "unique" : false }, { "id" : "CVE-2025-4330", "title" : "Extraction filter bypass for linking outside extraction directory", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-4330" ], "unique" : false }, { "id" : "CVE-2025-15366", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15366" ], "unique" : false }, { "id" : "CVE-2025-15367", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2025-15367" ], "unique" : false }, { "id" : "CVE-2026-1299", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-1299" ], "unique" : false }, { "id" : "CVE-2026-4519", "title" : "webbrowser.open() allows leading dashes in URLs", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2026-4519" ], "unique" : false }, { "id" : "CVE-2024-6923", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6923" ], "unique" : false }, { "id" : "CVE-2025-0938", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-0938" ], "unique" : false }, { "id" : "CVE-2025-13836", "source" : "redhat-csaf", "cvssScore" : 6.8, "severity" : "MEDIUM", "cves" : [ "CVE-2025-13836" ], "unique" : false }, { "id" : "CVE-2024-9287", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-9287" ], "unique" : false }, { "id" : "CVE-2024-0450", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0450" ], "unique" : false }, { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false }, { "id" : "CVE-2023-27043", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-27043" ], "unique" : false }, { "id" : "CVE-2024-8088", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-8088" ], "unique" : false }, { "id" : "CVE-2024-0397", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0397" ], "unique" : false }, { "id" : "CVE-2024-7592", "source" : "redhat-csaf", "cvssScore" : 4.8, "severity" : "MEDIUM", "cves" : [ "CVE-2024-7592" ], "unique" : false }, { "id" : "CVE-2026-0865", "source" : "redhat-csaf", "cvssScore" : 4.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-0865" ], "unique" : false }, { "id" : "CVE-2025-6069", "title" : "HTMLParser quadratic complexity when processing malformed inputs", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6069" ], "unique" : false }, { "id" : "CVE-2025-8291", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-8291" ], "unique" : false }, { "id" : "CVE-2025-6075", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6075" ], "unique" : false }, { "id" : "CVE-2024-11168", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-11168" ], "unique" : false }, { "id" : "CVE-2024-4032", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-4032" ], "unique" : false }, { "id" : "CVE-2024-5642", "title" : "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "source" : "redhat-csaf", "cvssScore" : 2.7, "severity" : "LOW", "cves" : [ "CVE-2024-5642" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-40217", "source" : "redhat-csaf", "cvssScore" : 8.6, "severity" : "HIGH", "cves" : [ "CVE-2023-40217" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/zlib@1.2.11-25.el8?arch=x86_64&distro=rhel-8.10&upstream=zlib-1.2.11-25.el8.src.rpm", "issues" : [ { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false }, { "id" : "CVE-2022-37434", "title" : "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2022-37434" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2018-25032", "title" : "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "source" : "redhat-csaf", "cvssScore" : 8.2, "severity" : "HIGH", "cves" : [ "CVE-2018-25032" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/cups-libs@2.2.6-67.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=cups-2.2.6-67.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-58060", "source" : "redhat-csaf", "cvssScore" : 8.0, "severity" : "HIGH", "cves" : [ "CVE-2025-58060" ], "unique" : false }, { "id" : "CVE-2024-47175", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2024-47175" ], "unique" : false }, { "id" : "CVE-2023-34241", "title" : "CUPS vulnerable to use-after-free in cupsdAcceptClient()", "source" : "redhat-csaf", "cvssScore" : 7.1, "severity" : "HIGH", "cves" : [ "CVE-2023-34241" ], "unique" : false }, { "id" : "CVE-2022-26691", "title" : "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-26691" ], "unique" : false }, { "id" : "CVE-2023-32360", "title" : "An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32360" ], "unique" : false }, { "id" : "CVE-2025-58364", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-58364" ], "unique" : false }, { "id" : "CVE-2023-32324", "title" : "OpenPrinting CUPS vulnerable to heap buffer overflow", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-32324" ], "unique" : false }, { "id" : "CVE-2025-58436", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-58436" ], "unique" : false }, { "id" : "CVE-2024-35235", "title" : "Cupsd Listen arbitrary chmod 0140777", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2024-35235" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-58060", "source" : "redhat-csaf", "cvssScore" : 8.0, "severity" : "HIGH", "cves" : [ "CVE-2025-58060" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcap@2.48-6.el8_9?arch=x86_64&distro=rhel-8.10&upstream=libcap-2.48-6.el8_9.src.rpm", "issues" : [ { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false }, { "id" : "CVE-2023-2602", "title" : "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "source" : "redhat-csaf", "cvssScore" : 3.3, "severity" : "LOW", "cves" : [ "CVE-2023-2602" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-2603", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-2603" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-base@6.1-10.20180224.el8?arch=noarch&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/ncurses-libs@6.1-10.20180224.el8?arch=x86_64&distro=rhel-8.10&upstream=ncurses-6.1-10.20180224.el8.src.rpm", "issues" : [ { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false }, { "id" : "CVE-2025-69720", "title" : "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2025-69720" ], "unique" : false }, { "id" : "CVE-2022-29458", "title" : "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2022-29458" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-29491", "source" : "redhat-csaf", "cvssScore" : 7.8, "severity" : "HIGH", "cves" : [ "CVE-2023-29491" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/sqlite-libs@3.26.0-20.el8_10?arch=x86_64&distro=rhel-8.10&upstream=sqlite-3.26.0-20.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false }, { "id" : "CVE-2023-7104", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2023-7104" ], "unique" : false }, { "id" : "CVE-2025-3277", "title" : "An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.", "source" : "redhat-csaf", "cvssScore" : 7.3, "severity" : "HIGH", "cves" : [ "CVE-2025-3277" ], "unique" : false }, { "id" : "CVE-2022-35737", "title" : "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-35737" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-6965", "title" : "Integer Truncation on SQLite", "source" : "redhat-csaf", "cvssScore" : 7.7, "severity" : "HIGH", "cves" : [ "CVE-2025-6965" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64&distro=rhel-8.10&upstream=expat-2.5.0-1.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false }, { "id" : "CVE-2024-28757", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-28757" ], "unique" : false }, { "id" : "CVE-2024-45490", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45490" ], "unique" : false }, { "id" : "CVE-2024-45491", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-45491" ], "unique" : false }, { "id" : "CVE-2024-8176", "title" : "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-8176" ], "unique" : false }, { "id" : "CVE-2024-45492", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2024-45492" ], "unique" : false }, { "id" : "CVE-2024-50602", "title" : "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-50602" ], "unique" : false }, { "id" : "CVE-2025-59375", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-59375" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-52425", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-52425" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gnutls@3.6.16-8.el8_10.5?arch=x86_64&distro=rhel-8.10&upstream=gnutls-3.6.16-8.el8_10.5.src.rpm", "issues" : [ { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false }, { "id" : "CVE-2024-0553", "title" : "Gnutls: incomplete fix for cve-2023-5981", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0553" ], "unique" : false }, { "id" : "CVE-2024-0567", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-0567" ], "unique" : false }, { "id" : "CVE-2023-0361", "title" : "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0361" ], "unique" : false }, { "id" : "CVE-2025-32988", "title" : "Gnutls: vulnerability in gnutls othername san export", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32988" ], "unique" : false }, { "id" : "CVE-2025-32990", "title" : "Gnutls: vulnerability in gnutls certtool template parsing", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32990" ], "unique" : false }, { "id" : "CVE-2025-6395", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-6395" ], "unique" : false }, { "id" : "CVE-2023-5981", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5981" ], "unique" : false }, { "id" : "CVE-2024-12243", "title" : "Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12243" ], "unique" : false }, { "id" : "CVE-2024-28834", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28834" ], "unique" : false }, { "id" : "CVE-2025-14831", "title" : "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14831" ], "unique" : false }, { "id" : "CVE-2025-32989", "title" : "Gnutls: vulnerability in gnutls sct extension parsing", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2025-32989" ], "unique" : false }, { "id" : "CVE-2024-28835", "source" : "redhat-csaf", "cvssScore" : 5.0, "severity" : "MEDIUM", "cves" : [ "CVE-2024-28835" ], "unique" : false }, { "id" : "CVE-2025-9820", "title" : "Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9820" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-2509", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-2509" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtirpc@1.1.4-12.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtirpc-1.1.4-12.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46828", "title" : "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2021-46828" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/pcre2@10.32-3.el8_6?arch=x86_64&distro=rhel-8.10&upstream=pcre2-10.32-3.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false }, { "id" : "CVE-2022-1587", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1587" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1586", "title" : "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1586" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/lua-libs@5.3.4-12.el8?arch=x86_64&distro=rhel-8.10&upstream=lua-5.3.4-12.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false }, { "id" : "CVE-2022-33099", "title" : "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-33099" ], "unique" : false }, { "id" : "CVE-2022-28805", "title" : "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2022-28805" ], "unique" : false }, { "id" : "CVE-2021-43519", "title" : "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43519" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-44964", "title" : "Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.", "source" : "redhat-csaf", "cvssScore" : 7.0, "severity" : "HIGH", "cves" : [ "CVE-2021-44964" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bash@4.4.20-6.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bash-4.4.20-6.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-3715", "source" : "redhat-csaf", "cvssScore" : 6.6, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3715" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/dbus-libs@1.12.8-27.el8_10?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=dbus-1.12.8-27.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-42010", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42010" ], "unique" : false }, { "id" : "CVE-2022-42011", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42011" ], "unique" : false }, { "id" : "CVE-2022-42012", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42012" ], "unique" : false }, { "id" : "CVE-2023-34969", "title" : "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-34969" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-42010", "title" : "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-42010" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/gmp@6.1.2-11.el8?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=gmp-6.1.2-11.el8.src.rpm", "issues" : [ { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-43618", "title" : "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-43618" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/avahi-libs@0.7-27.el8_10.1?arch=x86_64&distro=rhel-8.10&upstream=avahi-0.7-27.el8_10.1.src.rpm", "issues" : [ { "id" : "CVE-2021-3468", "title" : "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3468" ], "unique" : false }, { "id" : "CVE-2023-1981", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1981" ], "unique" : false }, { "id" : "CVE-2023-38469", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38469" ], "unique" : false }, { "id" : "CVE-2023-38470", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38470" ], "unique" : false }, { "id" : "CVE-2023-38471", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38471" ], "unique" : false }, { "id" : "CVE-2023-38472", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38472" ], "unique" : false }, { "id" : "CVE-2023-38473", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2023-38473" ], "unique" : false }, { "id" : "CVE-2021-3502", "title" : "A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3502" ], "unique" : false }, { "id" : "CVE-2024-52615", "title" : "Avahi: avahi wide-area dns uses constant source port", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-52615" ], "unique" : false }, { "id" : "CVE-2024-52616", "title" : "Avahi: avahi wide-area dns predictable transaction ids", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-52616" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-3468", "title" : "A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "source" : "redhat-csaf", "cvssScore" : 6.2, "severity" : "MEDIUM", "cves" : [ "CVE-2021-3468" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libuuid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcc@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libblkid@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false }, { "id" : "CVE-2026-27456", "title" : "util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2026-27456" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libstdc%2B%2B@8.5.0-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=gcc-8.5.0-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2020-11023", "title" : "Potential XSS vulnerability in jQuery", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2020-11023" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libmount@2.32.1-48.el8_10?arch=x86_64&distro=rhel-8.10&upstream=util-linux-2.32.1-48.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-14104", "title" : "Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-14104" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/systemd-libs@239-82.el8_10.15?arch=x86_64&distro=rhel-8.10&upstream=systemd-239-82.el8_10.15.src.rpm", "issues" : [ { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false }, { "id" : "CVE-2022-3821", "title" : "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-3821" ], "unique" : false }, { "id" : "CVE-2022-4415", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4415" ], "unique" : false }, { "id" : "CVE-2022-45873", "title" : "systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-45873" ], "unique" : false }, { "id" : "CVE-2025-4598", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-4598" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2023-7008", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-7008" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libtasn1@4.13-5.el8_10?arch=x86_64&distro=rhel-8.10&upstream=libtasn1-4.13-5.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false }, { "id" : "CVE-2024-12133", "title" : "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-12133" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2021-46848", "title" : "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2021-46848" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libgcrypt@1.8.5-7.el8_6?arch=x86_64&distro=rhel-8.10&upstream=libgcrypt-1.8.5-7.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2024-2236", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-2236" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcom_err@1.45.6-7.el8_10?arch=x86_64&distro=rhel-8.10&upstream=e2fsprogs-1.45.6-7.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2022-1304", "title" : "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "source" : "redhat-csaf", "cvssScore" : 5.8, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1304" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/python3-pip-wheel@9.0.3-24.el8?arch=noarch&distro=rhel-8.10&upstream=python-pip-9.0.3-24.el8.src.rpm", "issues" : [ { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2007-4559", "title" : "Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2007-4559" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/bzip2-libs@1.0.6-28.el8_10?arch=x86_64&distro=rhel-8.10&upstream=bzip2-1.0.6-28.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2019-12900", "title" : "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.", "source" : "redhat-csaf", "cvssScore" : 4.4, "severity" : "MEDIUM", "cves" : [ "CVE-2019-12900" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/alsa-lib@1.2.10-2.el8?arch=x86_64&distro=rhel-8.10&upstream=alsa-lib-1.2.10-2.el8.src.rpm", "issues" : [ { "id" : "CVE-2026-25068", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-25068" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2026-25068", "source" : "redhat-csaf", "cvssScore" : 4.3, "severity" : "MEDIUM", "cves" : [ "CVE-2026-25068" ], "unique" : false } } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/rpm-libs@4.14.3-32.el8_10?arch=x86_64&distro=rhel-8.10&upstream=rpm-4.14.3-32.el8_10.src.rpm", "issues" : [ { "id" : "CVE-2021-35938", "title" : "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35938" ], "unique" : false }, { "id" : "CVE-2021-35939", "title" : "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35939" ], "unique" : false }, { "id" : "CVE-2021-35937", "title" : "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "source" : "redhat-csaf", "cvssScore" : 6.3, "severity" : "MEDIUM", "cves" : [ "CVE-2021-35937" ], "unique" : false } ], "transitive" : [ { "ref" : "pkg:rpm/redhat/openssl-libs@1.1.1k-15.el8_6?arch=x86_64&distro=rhel-8.10&epoch=1&upstream=openssl-1.1.1k-15.el8_6.src.rpm", "issues" : [ { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false }, { "id" : "CVE-2022-1473", "title" : "Resource leakage when decoding certificates and keys", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-1473" ], "unique" : false }, { "id" : "CVE-2022-3358", "title" : "Using a Custom Cipher with NID_undef may lead to NULL encryption", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3358" ], "unique" : false }, { "id" : "CVE-2022-3602", "title" : "X.509 Email Address 4-byte Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3602" ], "unique" : false }, { "id" : "CVE-2022-3786", "title" : "X.509 Email Address Variable Length Buffer Overflow", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-3786" ], "unique" : false }, { "id" : "CVE-2022-4450", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-4450" ], "unique" : false }, { "id" : "CVE-2023-0215", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0215" ], "unique" : false }, { "id" : "CVE-2023-0216", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0216" ], "unique" : false }, { "id" : "CVE-2023-0217", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0217" ], "unique" : false }, { "id" : "CVE-2023-0401", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-0401" ], "unique" : false }, { "id" : "CVE-2023-5363", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2023-5363" ], "unique" : false }, { "id" : "CVE-2023-0286", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2023-0286" ], "unique" : false }, { "id" : "CVE-2024-12797", "title" : "RFC7250 handshakes with unauthenticated servers don't abort as expected", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2024-12797" ], "unique" : false }, { "id" : "CVE-2025-69419", "source" : "redhat-csaf", "cvssScore" : 7.4, "severity" : "HIGH", "cves" : [ "CVE-2025-69419" ], "unique" : false }, { "id" : "CVE-2022-1292", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1292" ], "unique" : false }, { "id" : "CVE-2022-2068", "source" : "redhat-csaf", "cvssScore" : 6.7, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2068" ], "unique" : false }, { "id" : "CVE-2023-2650", "title" : "Possible DoS translating ASN.1 object identifiers", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2650" ], "unique" : false }, { "id" : "CVE-2023-6129", "title" : "POLY1305 MAC implementation corrupts vector registers on PowerPC", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6129" ], "unique" : false }, { "id" : "CVE-2025-69421", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69421" ], "unique" : false }, { "id" : "CVE-2025-11187", "title" : "Improper validation of PBMAC1 parameters in PKCS#12 MAC verification", "source" : "redhat-csaf", "cvssScore" : 6.1, "severity" : "MEDIUM", "cves" : [ "CVE-2025-11187" ], "unique" : false }, { "id" : "CVE-2020-1971", "title" : "EDIPARTYNAME NULL pointer dereference", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2020-1971" ], "unique" : false }, { "id" : "CVE-2022-4304", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4304" ], "unique" : false }, { "id" : "CVE-2023-0464", "title" : "Excessive Resource Usage Verifying X.509 Policy Constraints", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0464" ], "unique" : false }, { "id" : "CVE-2023-6237", "title" : "Excessive time spent checking invalid RSA public keys", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2023-6237" ], "unique" : false }, { "id" : "CVE-2024-5535", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-5535" ], "unique" : false }, { "id" : "CVE-2024-6119", "title" : "Possible denial of service in X.509 name checks", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2024-6119" ], "unique" : false }, { "id" : "CVE-2025-15468", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15468" ], "unique" : false }, { "id" : "CVE-2025-66199", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-66199" ], "unique" : false }, { "id" : "CVE-2025-69420", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69420" ], "unique" : false }, { "id" : "CVE-2026-22796", "source" : "redhat-csaf", "cvssScore" : 5.9, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22796" ], "unique" : false }, { "id" : "CVE-2024-4741", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4741" ], "unique" : false }, { "id" : "CVE-2025-9230", "source" : "redhat-csaf", "cvssScore" : 5.6, "severity" : "MEDIUM", "cves" : [ "CVE-2025-9230" ], "unique" : false }, { "id" : "CVE-2024-0727", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2024-0727" ], "unique" : false }, { "id" : "CVE-2025-15469", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2025-15469" ], "unique" : false }, { "id" : "CVE-2026-22795", "source" : "redhat-csaf", "cvssScore" : 5.5, "severity" : "MEDIUM", "cves" : [ "CVE-2026-22795" ], "unique" : false }, { "id" : "CVE-2022-1343", "title" : "OCSP_basic_verify may incorrectly verify the response signing certificate", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-1343" ], "unique" : false }, { "id" : "CVE-2022-2097", "title" : "AES OCB fails to encrypt some bytes", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2022-2097" ], "unique" : false }, { "id" : "CVE-2023-0465", "title" : "Invalid certificate policies in leaf certificates are silently ignored", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0465" ], "unique" : false }, { "id" : "CVE-2023-0466", "title" : "Certificate policy check not enabled", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-0466" ], "unique" : false }, { "id" : "CVE-2023-2975", "title" : "AES-SIV implementation ignores empty associated data entries", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-2975" ], "unique" : false }, { "id" : "CVE-2023-3446", "title" : "Excessive time spent checking DH keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3446" ], "unique" : false }, { "id" : "CVE-2023-3817", "title" : "Excessive time spent checking DH q parameter value", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-3817" ], "unique" : false }, { "id" : "CVE-2023-5678", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2023-5678" ], "unique" : false }, { "id" : "CVE-2024-4603", "title" : "Excessive time spent checking DSA keys and parameters", "source" : "redhat-csaf", "cvssScore" : 5.3, "severity" : "MEDIUM", "cves" : [ "CVE-2024-4603" ], "unique" : false }, { "id" : "CVE-2023-1255", "title" : "Input buffer over-read in AES-XTS implementation on 64 bit ARM", "source" : "redhat-csaf", "cvssScore" : 5.1, "severity" : "MEDIUM", "cves" : [ "CVE-2023-1255" ], "unique" : false }, { "id" : "CVE-2022-4203", "source" : "redhat-csaf", "cvssScore" : 4.9, "severity" : "MEDIUM", "cves" : [ "CVE-2022-4203" ], "unique" : false }, { "id" : "CVE-2025-68160", "source" : "redhat-csaf", "cvssScore" : 4.7, "severity" : "MEDIUM", "cves" : [ "CVE-2025-68160" ], "unique" : false }, { "id" : "CVE-2025-69418", "source" : "redhat-csaf", "cvssScore" : 4.0, "severity" : "MEDIUM", "cves" : [ "CVE-2025-69418" ], "unique" : false }, { "id" : "CVE-2024-2511", "source" : "redhat-csaf", "cvssScore" : 3.7, "severity" : "LOW", "cves" : [ "CVE-2024-2511" ], "unique" : false } ], "highestVulnerability" : { "id" : "CVE-2025-15467", "title" : "Stack buffer overflow in CMS (Auth)EnvelopedData parsing", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2025-15467" ], "unique" : false } }, { "ref" : "pkg:rpm/redhat/libcurl@7.61.1-34.el8_10.11?arch=x86_64&distro=rhel-8.10&upstream=curl-7.61.1-34.el8_10.11.src.rpm", "issues" : [ { "id" : "CVE-2022-32207", "title" : "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", "source" : "redhat-csaf", "cvssScore" : 9.8, "severity" : "CRITICAL", "cves" : [ "CVE-2022-32207" ], "unique" : false }, { "id" : "CVE-2022-22576", "title" : "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2022-22576" ], "unique" : false }, { "id" : "CVE-2023-38545", "title" : "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.", "source" : "redhat-csaf", "cvssScore" : 8.1, "severity" : "HIGH", "cves" : [ "CVE-2023-38545" ], "unique" : false }, { "id" : "CVE-2022-27775", "title" : "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27775" ], "unique" : false }, { "id" : "CVE-2022-27782", "title" : "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2022-27782" ], "unique" : false }, { "id" : "CVE-2024-2398", "title" : "HTTP/2 push headers memory-leak", "source" : "redhat-csaf", "cvssScore" : 7.5, "severity" : "HIGH", "cves" : [ "CVE-2024-2398" ], "unique" : false }, { "id" : "CVE-2022-32206", "title" : "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", "source" : "redhat-csaf", "cvssScore" : 6.5, "severity" : "MEDIUM", "cves" : [ "CVE-2022-32206" ], "unique" : false }, { "id" : "CVE-2023-23916", "title" : "An allocation of resources without limits or throttling vulnerability exists in curl : unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv { s: "unable to retrigger pipelinerun for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv: timed out waiting for new PipelineRun to appear after retriggering it for component forgejo-rep-ccja:test-comp-pac-forgejo-utvouv", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:231 @ 04/20/26 19:31:33.646 ------------------------------ SSSSSSSSSSSSS•••••••••••••• ------------------------------ • [FAILED] [1241.276 seconds] [integration-service-suite Integration Service E2E tests] with happy path for general flow of Integration service when a new Component is created [It] triggers a build PipelineRun [integration-service] /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:85 Timeline >> Image repository for component test-component-pac-eyzzms in namespace integration1-hpfx do not have right state ('' != 'ready') yet but it has status { { } { } []}. no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx)no pipelinerun found for component test-component-pac-eyzzms (application: integ-app-ksne, namespace: integration1-hpfx) [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:87 @ 04/20/26 19:34:41.008 << Timeline [FAILED] Unexpected error: : context deadline exceeded {} occurred In [It] at: /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:87 @ 04/20/26 19:34:41.008 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ • [FAILED] [1334.436 seconds] [build-service-suite Build templates E2E test] HACBS pipelines [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-pnms [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e, source-build-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:325 Timeline >> "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712446-azvu -> user: redhat-appstudio-qe+redhat_appstudio_quality" Created component for scenario sample-python-basic-oci: component: test-comp-jobv, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-nxcdon, pacBranchName: konflux-test-comp-jobv "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712459-llbc -> user: redhat-appstudio-qe+redhat_appstudio_quality" Created component for scenario sample-python-basic-oci: component: test-comp-qvnh, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-jhlkmc, pacBranchName: konflux-test-comp-qvnh "level"=0 "msg"="found credentials for image ref quay.io/redhat-appstudio-qe/test-images:pipeline-bundle-1776712472-pinr -> user: redhat-appstudio-qe+redhat_appstudio_quality" Image repository for component test-comp-cknl in namespace build-e2e-eqjr do not have right state ('' != 'ready') yet but it has status { { } { } []}. Created component for scenario sample-python-basic-oci: component: test-comp-cknl, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-pzfsow, pacBranchName: konflux-test-comp-cknl Image repository for component test-symlink-comp-pnms in namespace build-e2e-eqjr do not have right state ('' != 'ready') yet but it has status { { } { } []}. Created component for scenario sample-python-basic-oci: component: test-symlink-comp-pnms, repo: https://github.com/redhat-appstudio-qe/devfile-sample-python-basic, baseBranchName: base-oguozi, pacBranchName: konflux-test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms PipelineRun has not been created yet for Component build-e2e-eqjr/test-symlink-comp-pnms [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:200 @ 04/20/26 19:35:14.686 error while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdqerror while getting pipelineruns: no pipelinerun found for application test-app-nxdq [FAILED] in [AfterAll] - /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:289 @ 04/20/26 19:36:14.686 << Timeline [FAILED] Timed out after 1200.001s. timed out when waiting for the PipelineRun to start for the Component build-e2e-eqjr/test-symlink-comp-pnms Expected success, but got an error: <*errors.errorString | 0xc000eb4370>: no pipelinerun found for component test-symlink-comp-pnms { s: "no pipelinerun found for component test-symlink-comp-pnms", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:200 @ 04/20/26 19:35:14.686 There were additional failures detected. To view them in detail run ginkgo -vv ------------------------------ SSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:507 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:569 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:744 ------------------------------ SSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:507 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:569 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:744 ------------------------------ SSSSSS ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when Pipeline Results are stored for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic and Pipeline docker-build-oci-ta-min should have Pipeline Logs [build, build-templates, HACBS, pipeline-service, pipeline] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:507 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) when the container image for component with Git source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic is created and pushed to container registry verify-enterprise-contract check should pass [build, build-templates, HACBS, pipeline-service, pipeline, sbom, slow, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:569 ------------------------------ S ------------------------------ P [PENDING] [build-service-suite Build templates E2E test] HACBS pipelines scenario sample-python-basic-oci (docker-build-oci-ta-min) build-definitions ec pipelines runs ec pipeline pipelines/enterprise-contract.yaml [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:744 ------------------------------ S•••••••••••••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gl PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, gitlab, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:642 ------------------------------ ••• ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider fj PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, forgejo, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:642 ------------------------------ ••••• ------------------------------ • [FAILED] [1800.225 seconds] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private [It] triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:176 Timeline >> PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu PipelineRun has not been created yet for the component build-e2e-jlth/gh-test-custom-branch-mreblu [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:188 @ 04/20/26 19:45:21.138 << Timeline [FAILED] Timed out after 1800.000s. timed out when waiting for the PipelineRun to start for the component gh-test-custom-branch-mreblu/build-e2e-jlth Expected success, but got an error: <*errors.errorString | 0xc000a6e5f0>: no pipelinerun found for component gh-test-custom-default-pdwjen { s: "no pipelinerun found for component gh-test-custom-default-pdwjen", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:188 @ 04/20/26 19:45:21.138 ------------------------------ SSSSSSSSSSSSSSSSSSSSSSSS ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retrigger the pipeline manually [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:600 ------------------------------ P [PENDING] [build-service-suite Build service E2E tests] test git provider gh PaC component build when the PaC init branch is merged retriggered pipelineRun should eventually finish [build-service, github-webhook, pac-build, pipeline, image-controller, github, build-custom-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:642 ------------------------------ S ------------------------------ • [FAILED] [1802.110 seconds] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] triggers a PipelineRun for component go-component-nofrer [build-service, github, pac-build, multi-component] /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:125 Timeline >> PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer PipelineRun has not been created yet for the component build-e2e-yxit/go-component-nofrer [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:137 @ 04/20/26 19:45:47.479 << Timeline [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component go-component-nofrer/build-e2e-yxit Expected success, but got an error: <*errors.errorString | 0xc0014fa0e0>: no pipelinerun found for component go-component-nofrer { s: "no pipelinerun found for component go-component-nofrer", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:137 @ 04/20/26 19:45:47.479 ------------------------------ SSSSSSSSSSSSS ------------------------------ • [FAILED] [1817.225 seconds] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] triggers a PipelineRun for parent component [build-service, renovate, multi-component, github] /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:259 Timeline >> PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev PipelineRun has not been created yet for the component build-e2e-jqfz/gh-multi-component-parent-riev [FAILED] in [It] - /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:272 @ 04/20/26 19:45:55.141 << Timeline [FAILED] Timed out after 1800.001s. timed out when waiting for the PipelineRun to start for the component gh-multi-component-parent-riev/build-e2e-jqfz Expected success, but got an error: <*errors.errorString | 0xc00088b1f0>: no pipelinerun found for component gh-multi-component-parent-riev { s: "no pipelinerun found for component gh-multi-component-parent-riev", } In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:272 @ 04/20/26 19:45:55.141 ------------------------------ SSSSSSSSSSSS ------------------------------ • [FAILED] [1216.359 seconds] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, gitlab] /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:412 [FAILED] Timed out after 1200.000s. timed out when waiting for component nudge PR to be created in build-nudge-child-evhllx repository Expected : false to be true In [It] at: /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:427 @ 04/20/26 19:57:48.35 ------------------------------ SSSSSSSSSSSSSSSSSSSSS Summarizing 12 Failures: [FAIL] [enterprise-contract-suite Conforma E2E tests] test creating and signing an image and task verify-enterprise-contract task [It] succeeds when policy is met [ec, pipeline] /tmp/tmp.VA2UVYReoU/tests/enterprise-contract/contract.go:190 [FAIL] [integration-service-suite Gitlab Status Reporting of Integration tests] Gitlab with status reporting of Integration tests in the assosiated merge request [BeforeAll] when a new Component with specified custom branch is created triggers a Build PipelineRun [integration-service, gitlab-status-reporting, custom-branch] /tmp/tmp.VA2UVYReoU/tests/integration-service/gitlab-integration-reporting.go:68 [FAIL] [konflux-demo-suite] Maven project - Default build when Component is created [It] triggers creation of a PR in the sample repo [konflux, upstream-konflux] /tmp/tmp.VA2UVYReoU/tests/konflux-demo/konflux-demo.go:294 [FAIL] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] with status reporting of Integration tests in CheckRuns when we start creation of a new Component A [It] triggers a Build PipelineRun for componentA go-component [integration-service, group-snapshot-creation] /tmp/tmp.VA2UVYReoU/tests/integration-service/group-snapshots-tests.go:224 [FAIL] [integration-service-suite Status Reporting of Integration tests] with status reporting of Integration tests in CheckRuns [BeforeAll] when a new Component with specified custom branch is created does not contain an annotation with a Snapshot Name [integration-service, github-status-reporting, custom-branch] /tmp/tmp.VA2UVYReoU/tests/integration-service/status-reporting-to-pullrequest.go:86 [FAIL] [integration-service-suite Forgejo Status Reporting of Integration tests] Forgejo with status reporting of Integration tests in the associated merge request when a new Component with specified custom branch is created [It] should lead to build PipelineRun finishing successfully [integration-service, forgejo-status-reporting, custom-branch] /tmp/tmp.VA2UVYReoU/tests/integration-service/forgejo-integration-reporting.go:231 [FAIL] [integration-service-suite Integration Service E2E tests] with happy path for general flow of Integration service when a new Component is created [It] triggers a build PipelineRun [integration-service] /tmp/tmp.VA2UVYReoU/tests/integration-service/integration.go:87 [FAIL] [build-service-suite Build service E2E tests] test git provider gh PaC component build when a new component without specified branch is created and with visibility private [It] triggers a PipelineRun [build-service, github-webhook, pac-build, pipeline, image-controller, github, pac-custom-default-branch] /tmp/tmp.VA2UVYReoU/tests/build/pac_build.go:188 [FAIL] [build-service-suite Build service E2E tests] test pac with multiple components using same repository when components are created in same namespace [It] triggers a PipelineRun for component go-component-nofrer [build-service, github, pac-build, multi-component] /tmp/tmp.VA2UVYReoU/tests/build/multi_component.go:137 [FAIL] [build-service-suite Build service E2E tests] test git provider gh component update with renovate when components are created in same namespace [It] triggers a PipelineRun for parent component [build-service, renovate, multi-component, github] /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:272 [FAIL] [build-service-suite Build service E2E tests] test git provider gl component update with renovate when components are created in same namespace [It] should lead to a nudge PR creation for child component [build-service, renovate, multi-component, gitlab] /tmp/tmp.VA2UVYReoU/tests/build/renovate.go:427 [FAIL] [build-service-suite Build templates E2E test] HACBS pipelines [It] triggers PipelineRun for symlink component with source URL https://github.com/redhat-appstudio-qe/devfile-sample-python-basic with component name test-symlink-comp-pnms [build, build-templates, HACBS, pipeline-service, pipeline, build-templates-e2e, source-build-e2e] /tmp/tmp.VA2UVYReoU/tests/build/build_templates.go:200 Ran 134 of 477 Specs in 2644.710 seconds FAIL! -- 122 Passed | 12 Failed | 88 Pending | 255 Skipped Ginkgo ran 1 suite in 46m40.723122733s Test Suite Failed Error: running "ginkgo --seed=1776711374 --timeout=1h30m0s --grace-period=30s --output-interceptor-mode=none --label-filter=!upgrade-create && !upgrade-verify && !upgrade-cleanup && !release-pipelines && !disaster-recovery --no-color --json-report=e2e-report.json --junit-report=e2e-report.xml --procs=20 --nodes=20 --p --output-dir=/workspace/artifact-dir ./cmd --" failed with exit code 1 make: *** [Makefile:25: ci/test/e2e] Error 1