pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | init container: prepare 2025/09/12 13:27:54 Entrypoint initialization pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | init container: place-scripts 2025/09/12 13:27:55 Decoded script /tekton/scripts/script-0-t6h72 2025/09/12 13:27:55 Decoded script /tekton/scripts/script-1-qb8jl 2025/09/12 13:27:55 Decoded script /tekton/scripts/script-2-wkq8f 2025/09/12 13:27:55 Decoded script /tekton/scripts/script-3-9p222 2025/09/12 13:27:55 Decoded script /tekton/scripts/script-4-qfsrm pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | init container: working-dir-initializer pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | container step-build: [2025-09-12T13:28:17,943822766+00:00] Validate context path [2025-09-12T13:28:17,946654096+00:00] Update CA trust [2025-09-12T13:28:17,947703968+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-09-12T13:28:19,848366300+00:00] Prepare Dockerfile Checking if /var/workdir/cachi2/output/bom.json exists. Could not find prefetched sbom. No content_sets found for ICM [2025-09-12T13:28:19,860805205+00:00] Prepare system (architecture: x86_64) [2025-09-12T13:28:20,598626265+00:00] Setup prefetched Trying to pull registry.access.redhat.com/ubi8/openjdk-17-runtime:1.13... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:1df969f83266d1d6babc933f3905ecf8ed6121632b2291d337ec8825c3287228 Copying blob sha256:4752687a61a97d6f352ae62c381c87564bcb2f5b6523a05510ca1fb60d640216 Copying blob sha256:0344366a246a0f7590c2bae4536c01f15f20c6d802b4654ce96ac81047bc23f3 Copying config sha256:eadf411b954405e4febecea4f7e9b7e2da59a2f9f33f8cfebe4c11522ade1c23 Writing manifest to image destination Storing signatures { "architecture": "x86_64", "build-date": "2025-09-12T13:28:20Z", "com.redhat.build-host": "cpt-1007.osbs.prod.upshift.rdu2.redhat.com", "com.redhat.component": "openjdk-17-runtime-ubi8-container", "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", "description": "Image for Red Hat OpenShift providing OpenJDK 17 runtime", "distribution-scope": "public", "io.cekit.version": "3.11.0", "io.k8s.description": "Platform for running plain Java applications (fat-jar and flat classpath)", "io.k8s.display-name": "Java Applications", "io.openshift.expose-services": "", "io.openshift.tags": "java", "maintainer": "Red Hat OpenJDK ", "name": "ubi8/openjdk-17-runtime", "org.jboss.product": "openjdk", "org.jboss.product.openjdk.version": "17", "org.jboss.product.version": "17", "release": "1.1655306380", "summary": "Image for Red Hat OpenShift providing OpenJDK 17 runtime", "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/openjdk-17-runtime/images/1.13-1.1655306380", "usage": "https://access.redhat.com/documentation/en-us/red_hat_jboss_middleware_for_openshift/3/html/red_hat_java_s2i_for_openshift/", "vcs-ref": "5317705287d427a5b8ea6186aaebec2fce6ccb89", "vcs-type": "git", "vendor": "Red Hat, Inc.", "version": "1.13", "quay.expires-after": "5d", "io.buildah.version": "1.40.1" } [2025-09-12T13:28:29,682698944+00:00] Register sub-man Adding the entitlement to the build [2025-09-12T13:28:29,686104797+00:00] Add secrets [2025-09-12T13:28:29,770106300+00:00] Run buildah build [2025-09-12T13:28:29,771243781+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=5317705287d427a5b8ea6186aaebec2fce6ccb89 --label quay.expires-after=5d --label build-date=2025-09-12T13:28:20Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.QBV0ee -t quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 . [1/2] STEP 1/5: FROM registry.access.redhat.com/ubi8/openjdk-17:1.13 AS builder Trying to pull registry.access.redhat.com/ubi8/openjdk-17:1.13... Getting image source signatures Checking if image destination supports signatures Copying blob sha256:1e443c4e5fd4cedbd0a83cfd29362c370b2a7f9713a6af5bfd1d824275aef75c Copying blob sha256:4752687a61a97d6f352ae62c381c87564bcb2f5b6523a05510ca1fb60d640216 Copying blob sha256:0344366a246a0f7590c2bae4536c01f15f20c6d802b4654ce96ac81047bc23f3 Copying config sha256:60d04f65477a71cf8fb3347dc0e7bf18ba670ac421920938944e912414f329fb Writing manifest to image destination Storing signatures [1/2] STEP 2/5: WORKDIR /work [1/2] STEP 3/5: COPY . . [1/2] STEP 4/5: USER 0 [1/2] STEP 5/5: RUN mvn clean package -DskipTests -DskipDocsGen [INFO] Scanning for projects... [INFO] [INFO] ------------------< org.example:simple-java-project >------------------- [INFO] Building simple-java-project 1.0-SNAPSHOT [INFO] --------------------------------[ jar ]--------------------------------- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.pom Progress (1): 2.8/11 kB Progress (1): 5.5/11 kB Progress (1): 8.3/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.pom (11 kB at 58 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/34/maven-plugins-34.pom Progress (1): 2.8/11 kB Progress (1): 5.5/11 kB Progress (1): 8.3/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/34/maven-plugins-34.pom (11 kB at 427 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/34/maven-parent-34.pom Progress (1): 4.1/43 kB Progress (1): 8.2/43 kB Progress (1): 12/43 kB Progress (1): 16/43 kB Progress (1): 20/43 kB Progress (1): 25/43 kB Progress (1): 29/43 kB Progress (1): 33/43 kB Progress (1): 37/43 kB Progress (1): 41/43 kB Progress (1): 43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/34/maven-parent-34.pom (43 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/23/apache-23.pom Progress (1): 4.1/18 kB Progress (1): 8.2/18 kB Progress (1): 12/18 kB Progress (1): 16/18 kB Progress (1): 18 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/23/apache-23.pom (18 kB at 801 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.jar Progress (1): 4.1/134 kB Progress (1): 8.2/134 kB Progress (1): 12/134 kB Progress (1): 16/134 kB Progress (1): 20/134 kB Progress (1): 25/134 kB Progress (1): 29/134 kB Progress (1): 33/134 kB Progress (1): 37/134 kB Progress (1): 41/134 kB Progress (1): 45/134 kB Progress (1): 49/134 kB Progress (1): 53/134 kB Progress (1): 57/134 kB Progress (1): 61/134 kB Progress (1): 66/134 kB Progress (1): 70/134 kB Progress (1): 74/134 kB Progress (1): 78/134 kB Progress (1): 82/134 kB Progress (1): 86/134 kB Progress (1): 90/134 kB Progress (1): 94/134 kB Progress (1): 98/134 kB Progress (1): 102/134 kB Progress (1): 106/134 kB Progress (1): 111/134 kB Progress (1): 115/134 kB Progress (1): 119/134 kB Progress (1): 123/134 kB Progress (1): 127/134 kB Progress (1): 131/134 kB Progress (1): 134 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.4/maven-shade-plugin-3.2.4.jar (134 kB at 3.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.pom (3.9 kB at 187 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/22/maven-plugins-22.pom Progress (1): 4.1/13 kB Progress (1): 8.2/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/22/maven-plugins-22.pom (13 kB at 373 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/21/maven-parent-21.pom Progress (1): 4.1/26 kB Progress (1): 8.2/26 kB Progress (1): 12/26 kB Progress (1): 16/26 kB Progress (1): 20/26 kB Progress (1): 25/26 kB Progress (1): 26 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/21/maven-parent-21.pom (26 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/10/apache-10.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/10/apache-10.pom (15 kB at 705 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.jar Progress (1): 4.1/25 kB Progress (1): 8.2/25 kB Progress (1): 12/25 kB Progress (1): 16/25 kB Progress (1): 20/25 kB Progress (1): 24/25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.5/maven-clean-plugin-2.5.jar (25 kB at 985 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.pom Progress (1): 4.1/8.1 kB Progress (1): 8.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.pom (8.1 kB at 386 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/23/maven-plugins-23.pom Progress (1): 4.1/9.2 kB Progress (1): 8.2/9.2 kB Progress (1): 9.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/23/maven-plugins-23.pom (9.2 kB at 438 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/22/maven-parent-22.pom Progress (1): 4.1/30 kB Progress (1): 8.2/30 kB Progress (1): 12/30 kB Progress (1): 16/30 kB Progress (1): 20/30 kB Progress (1): 25/30 kB Progress (1): 29/30 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/22/maven-parent-22.pom (30 kB at 1.3 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/11/apache-11.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/11/apache-11.pom (15 kB at 705 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.jar Progress (1): 4.1/30 kB Progress (1): 8.2/30 kB Progress (1): 12/30 kB Progress (1): 16/30 kB Progress (1): 20/30 kB Progress (1): 25/30 kB Progress (1): 29/30 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-resources-plugin/2.6/maven-resources-plugin-2.6.jar (30 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.pom Progress (1): 4.1/10 kB Progress (1): 8.2/10 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.pom (10 kB at 464 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/24/maven-plugins-24.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/24/maven-plugins-24.pom (11 kB at 251 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/23/maven-parent-23.pom Progress (1): 4.1/33 kB Progress (1): 8.2/33 kB Progress (1): 12/33 kB Progress (1): 16/33 kB Progress (1): 20/33 kB Progress (1): 25/33 kB Progress (1): 29/33 kB Progress (1): 33 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/23/maven-parent-23.pom (33 kB at 1.6 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/13/apache-13.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/13/apache-13.pom (14 kB at 665 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.jar Progress (1): 4.1/43 kB Progress (1): 8.2/43 kB Progress (1): 12/43 kB Progress (1): 16/43 kB Progress (1): 20/43 kB Progress (1): 25/43 kB Progress (1): 29/43 kB Progress (1): 33/43 kB Progress (1): 37/43 kB Progress (1): 41/43 kB Progress (1): 43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-compiler-plugin/3.1/maven-compiler-plugin-3.1.jar (43 kB at 1.8 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.pom Progress (1): 4.1/10 kB Progress (1): 8.2/10 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.pom (10 kB at 524 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire/2.12.4/surefire-2.12.4.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire/2.12.4/surefire-2.12.4.pom (14 kB at 657 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.jar Progress (1): 4.1/30 kB Progress (1): 8.2/30 kB Progress (1): 12/30 kB Progress (1): 16/30 kB Progress (1): 20/30 kB Progress (1): 25/30 kB Progress (1): 29/30 kB Progress (1): 30 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-surefire-plugin/2.12.4/maven-surefire-plugin-2.12.4.jar (30 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.pom Progress (1): 4.1/6.8 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.pom (6.8 kB at 199 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/37/maven-plugins-37.pom Progress (1): 4.1/9.9 kB Progress (1): 8.2/9.9 kB Progress (1): 9.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-plugins/37/maven-plugins-37.pom (9.9 kB at 472 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/37/maven-parent-37.pom Progress (1): 4.1/46 kB Progress (1): 8.2/46 kB Progress (1): 12/46 kB Progress (1): 16/46 kB Progress (1): 20/46 kB Progress (1): 25/46 kB Progress (1): 29/46 kB Progress (1): 33/46 kB Progress (1): 37/46 kB Progress (1): 41/46 kB Progress (1): 45/46 kB Progress (1): 46 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/37/maven-parent-37.pom (46 kB at 2.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/27/apache-27.pom Progress (1): 4.1/20 kB Progress (1): 8.2/20 kB Progress (1): 12/20 kB Progress (1): 16/20 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/27/apache-27.pom (20 kB at 970 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.jar Progress (1): 4.1/27 kB Progress (1): 8.2/27 kB Progress (1): 12/27 kB Progress (1): 16/27 kB Progress (1): 20/27 kB Progress (1): 25/27 kB Progress (1): 27 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-jar-plugin/3.3.0/maven-jar-plugin-3.3.0.jar (27 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.pom (3.6 kB at 162 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.pom Progress (1): 4.1/5.0 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.pom (5.0 kB at 227 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.pom (3.6 kB at 157 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.pom (1.8 kB at 86 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.jar Downloading from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.jar Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk17/0.1.2/simple-jdk17-0.1.2.jar (3.6 kB at 163 kB/s) Progress (1): 2.8/3.6 kB Progress (1): 3.6 kB Progress (2): 3.6 kB | 2.0 kB Progress (3): 3.6 kB | 2.0 kB | 2.8/7.1 kB Progress (3): 3.6 kB | 2.0 kB | 5.5/7.1 kB Progress (3): 3.6 kB | 2.0 kB | 7.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/simple/simple-jdk8/1.2.4/simple-jdk8-1.2.4.jar (3.6 kB at 86 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/gradle/hacbs-test-simple-gradle-jdk8/1.1/hacbs-test-simple-gradle-jdk8-1.1.jar (2.0 kB at 49 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/io/github/stuartwdouglas/hacbs-test/shaded/shaded-jdk11/1.9/shaded-jdk11-1.9.jar (7.1 kB at 153 kB/s) [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.pom (1.5 kB at 86 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.6/maven-2.0.6.pom Progress (1): 2.8/9.0 kB Progress (1): 5.5/9.0 kB Progress (1): 8.3/9.0 kB Progress (1): 9.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.6/maven-2.0.6.pom (9.0 kB at 532 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom Progress (1): 2.8/15 kB Progress (1): 5.5/15 kB Progress (1): 8.3/15 kB Progress (1): 11/15 kB Progress (1): 14/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom (15 kB at 802 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom Progress (1): 2.8/3.4 kB Progress (1): 3.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom (3.4 kB at 181 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom Progress (1): 2.8/4.1 kB Progress (1): 4.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom (4.1 kB at 194 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/16/spice-parent-16.pom Progress (1): 2.8/8.4 kB Progress (1): 5.5/8.4 kB Progress (1): 8.3/8.4 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/16/spice-parent-16.pom (8.4 kB at 464 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/5/forge-parent-5.pom Progress (1): 2.8/8.4 kB Progress (1): 5.5/8.4 kB Progress (1): 8.3/8.4 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/5/forge-parent-5.pom (8.4 kB at 465 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar Progress (1): 4.1/13 kB Progress (1): 8.2/13 kB Progress (2): 8.2/13 kB | 4.1/226 kB Progress (2): 12/13 kB | 4.1/226 kB Progress (2): 12/13 kB | 8.2/226 kB Progress (2): 13 kB | 8.2/226 kB Progress (2): 13 kB | 12/226 kB Progress (2): 13 kB | 16/226 kB Progress (2): 13 kB | 20/226 kB Progress (2): 13 kB | 25/226 kB Progress (2): 13 kB | 29/226 kB Progress (2): 13 kB | 33/226 kB Progress (2): 13 kB | 37/226 kB Progress (2): 13 kB | 41/226 kB Progress (2): 13 kB | 45/226 kB Progress (2): 13 kB | 49/226 kB Progress (2): 13 kB | 53/226 kB Progress (2): 13 kB | 57/226 kB Progress (2): 13 kB | 61/226 kB Progress (2): 13 kB | 64/226 kB Progress (2): 13 kB | 68/226 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.6/maven-plugin-api-2.0.6.jar (13 kB at 643 kB/s) Progress (1): 73/226 kB Progress (1): 77/226 kB Progress (1): 81/226 kB Progress (1): 85/226 kB Progress (1): 89/226 kB Progress (1): 93/226 kB Progress (1): 97/226 kB Progress (1): 101/226 kB Progress (1): 105/226 kB Progress (1): 109/226 kB Progress (1): 114/226 kB Progress (1): 118/226 kB Progress (1): 122/226 kB Progress (1): 126/226 kB Progress (1): 130/226 kB Progress (1): 134/226 kB Progress (1): 138/226 kB Progress (1): 142/226 kB Progress (1): 146/226 kB Progress (1): 150/226 kB Progress (1): 154/226 kB Progress (1): 159/226 kB Progress (1): 163/226 kB Progress (1): 167/226 kB Progress (1): 171/226 kB Progress (1): 175/226 kB Progress (1): 179/226 kB Progress (1): 183/226 kB Progress (1): 187/226 kB Progress (1): 191/226 kB Progress (1): 195/226 kB Progress (1): 200/226 kB Progress (1): 204/226 kB Progress (1): 208/226 kB Progress (1): 212/226 kB Progress (1): 216/226 kB Progress (1): 220/226 kB Progress (1): 224/226 kB Progress (1): 226 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar (226 kB at 5.0 MB/s) [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.pom (2.6 kB at 165 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.pom (2.0 kB at 125 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.pom (3.0 kB at 190 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.1/plexus-utils-1.4.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.1/plexus-utils-1.4.1.pom (1.9 kB at 106 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.11/plexus-1.0.11.pom Progress (1): 4.1/9.0 kB Progress (1): 8.2/9.0 kB Progress (1): 9.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.11/plexus-1.0.11.pom (9.0 kB at 561 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.pom (3.9 kB at 247 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.0.3/plexus-containers-1.0.3.pom Progress (1): 492 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.0.3/plexus-containers-1.0.3.pom (492 B at 31 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.4/plexus-1.0.4.pom Progress (1): 4.1/5.7 kB Progress (1): 5.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/1.0.4/plexus-1.0.4.pom (5.7 kB at 337 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.pom Progress (1): 998 B Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.pom (998 B at 59 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.pom Progress (1): 4.1/6.9 kB Progress (1): 6.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.pom (6.9 kB at 428 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1-alpha-2/classworlds-1.1-alpha-2.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1-alpha-2/classworlds-1.1-alpha-2.pom (3.1 kB at 184 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.pom (2.0 kB at 124 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.pom (2.6 kB at 175 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.pom (1.9 kB at 123 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.pom (1.6 kB at 99 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.pom (1.9 kB at 130 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.pom Progress (1): 4.1/6.7 kB Progress (1): 6.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.pom (6.7 kB at 419 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.pom (1.9 kB at 119 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.pom (1.8 kB at 92 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.6/maven-reporting-2.0.6.pom Progress (1): 1.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.6/maven-reporting-2.0.6.pom (1.4 kB at 96 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.pom Progress (1): 424 B Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.pom (424 B at 28 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom (3.9 kB at 261 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom (1.7 kB at 114 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom (2.1 kB at 132 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.pom (2.0 kB at 135 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.pom Progress (1): 4.1/7.1 kB Progress (1): 7.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.pom (7.1 kB at 443 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.pom (1.3 kB at 84 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.pom (3.3 kB at 222 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.pom (3.3 kB at 222 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.6/plexus-2.0.6.pom Progress (1): 4.1/17 kB Progress (1): 8.2/17 kB Progress (1): 12/17 kB Progress (1): 16/17 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.6/plexus-2.0.6.pom (17 kB at 1.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.pom Progress (1): 4.1/5.8 kB Progress (1): 5.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.pom (5.8 kB at 386 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/17/maven-shared-components-17.pom Progress (1): 4.1/8.7 kB Progress (1): 8.2/8.7 kB Progress (1): 8.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/17/maven-shared-components-17.pom (8.7 kB at 580 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.pom Progress (1): 4.1/6.8 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.pom (6.8 kB at 428 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.2/plexus-2.0.2.pom Progress (1): 4.1/12 kB Progress (1): 8.2/12 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.2/plexus-2.0.2.pom (12 kB at 774 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.12/plexus-interpolation-1.12.pom Progress (1): 889 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.12/plexus-interpolation-1.12.pom (889 B at 59 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.14/plexus-components-1.1.14.pom Progress (1): 4.1/5.8 kB Progress (1): 5.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.14/plexus-components-1.1.14.pom (5.8 kB at 365 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.pom Progress (1): 2.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.pom (2.9 kB at 179 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/10/spice-parent-10.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/10/spice-parent-10.pom (3.0 kB at 201 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/3/forge-parent-3.pom Progress (1): 4.1/5.0 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/3/forge-parent-3.pom (5.0 kB at 315 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.pom Progress (1): 4.1/8.1 kB Progress (1): 8.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.pom (8.1 kB at 504 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.pom Progress (1): 890 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.pom (890 B at 14 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.15/plexus-components-1.1.15.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.15/plexus-components-1.1.15.pom (2.8 kB at 190 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.3/plexus-2.0.3.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.3/plexus-2.0.3.pom (15 kB at 966 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.jar Progress (1): 4.1/116 kB Progress (1): 8.2/116 kB Progress (1): 12/116 kB Progress (1): 16/116 kB Progress (1): 20/116 kB Progress (1): 25/116 kB Progress (1): 29/116 kB Progress (1): 33/116 kB Progress (1): 37/116 kB Progress (1): 41/116 kB Progress (1): 45/116 kB Progress (1): 49/116 kB Progress (2): 49/116 kB | 4.1/152 kB Progress (2): 49/116 kB | 8.2/152 kB Progress (2): 49/116 kB | 12/152 kB Progress (3): 49/116 kB | 12/152 kB | 4.1/29 kB Progress (3): 49/116 kB | 16/152 kB | 4.1/29 kB Progress (3): 49/116 kB | 16/152 kB | 8.2/29 kB Progress (4): 49/116 kB | 16/152 kB | 8.2/29 kB | 4.1/57 kB Progress (4): 49/116 kB | 16/152 kB | 12/29 kB | 4.1/57 kB Progress (4): 49/116 kB | 16/152 kB | 12/29 kB | 8.2/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 8.2/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 12/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 16/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 20/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 25/57 kB Progress (4): 49/116 kB | 16/152 kB | 16/29 kB | 29/57 kB Progress (4): 53/116 kB | 16/152 kB | 16/29 kB | 29/57 kB Progress (4): 53/116 kB | 16/152 kB | 16/29 kB | 33/57 kB Progress (4): 57/116 kB | 16/152 kB | 16/29 kB | 33/57 kB Progress (4): 61/116 kB | 16/152 kB | 16/29 kB | 33/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 33/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 37/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 41/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 45/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 49/57 kB Progress (4): 66/116 kB | 16/152 kB | 16/29 kB | 53/57 kB Progress (4): 70/116 kB | 16/152 kB | 16/29 kB | 53/57 kB Progress (4): 70/116 kB | 16/152 kB | 16/29 kB | 57 kB Progress (4): 74/116 kB | 16/152 kB | 16/29 kB | 57 kB Progress (4): 78/116 kB | 16/152 kB | 16/29 kB | 57 kB Progress (4): 82/116 kB | 16/152 kB | 16/29 kB | 57 kB Progress (4): 82/116 kB | 16/152 kB | 20/29 kB | 57 kB Progress (4): 86/116 kB | 16/152 kB | 20/29 kB | 57 kB Progress (4): 86/116 kB | 16/152 kB | 25/29 kB | 57 kB Progress (4): 90/116 kB | 16/152 kB | 25/29 kB | 57 kB Progress (4): 90/116 kB | 20/152 kB | 25/29 kB | 57 kB Progress (4): 90/116 kB | 20/152 kB | 29/29 kB | 57 kB Progress (4): 90/116 kB | 25/152 kB | 29/29 kB | 57 kB Progress (4): 94/116 kB | 25/152 kB | 29/29 kB | 57 kB Progress (4): 94/116 kB | 29/152 kB | 29/29 kB | 57 kB Progress (4): 94/116 kB | 29/152 kB | 29 kB | 57 kB Progress (4): 94/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 98/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 102/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 106/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 111/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 115/116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 33/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 37/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 41/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 45/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 49/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 53/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 57/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 61/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 65/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 69/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 73/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 78/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 82/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 86/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 90/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 94/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 98/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 102/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 106/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 110/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 114/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 118/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 123/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 127/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 131/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 135/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 139/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 143/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 147/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 151/152 kB | 29 kB | 57 kB Progress (4): 116 kB | 152 kB | 29 kB | 57 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 2.8/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 5.5/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 8.3/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 11/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 14/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 17/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 20/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 23/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 25/35 kB Progress (5): 116 kB | 152 kB | 29 kB | 57 kB | 28/35 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.6/maven-artifact-manager-2.0.6.jar (57 kB at 1.9 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.6/maven-project-2.0.6.jar (116 kB at 3.7 MB/s) Progress (3): 152 kB | 29 kB | 31/35 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.jar Progress (3): 152 kB | 29 kB | 34/35 kB Progress (3): 152 kB | 29 kB | 35 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.jar (29 kB at 904 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar Progress (3): 152 kB | 35 kB | 4.1/21 kB Progress (3): 152 kB | 35 kB | 8.2/21 kB Progress (3): 152 kB | 35 kB | 12/21 kB Progress (3): 152 kB | 35 kB | 16/21 kB Progress (3): 152 kB | 35 kB | 20/21 kB Progress (4): 152 kB | 35 kB | 20/21 kB | 2.8/9.9 kB Progress (4): 152 kB | 35 kB | 21 kB | 2.8/9.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.6/maven-profile-2.0.6.jar (35 kB at 881 kB/s) Progress (3): 152 kB | 21 kB | 5.5/9.9 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.jar Progress (3): 152 kB | 21 kB | 8.3/9.9 kB Progress (3): 152 kB | 21 kB | 9.9 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 4.1/5.9 kB Progress (4): 152 kB | 21 kB | 9.9 kB | 5.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.6/maven-core-2.0.6.jar (152 kB at 3.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.jar Progress (4): 21 kB | 9.9 kB | 5.9 kB | 4.1/24 kB Progress (4): 21 kB | 9.9 kB | 5.9 kB | 8.2/24 kB Progress (4): 21 kB | 9.9 kB | 5.9 kB | 12/24 kB Progress (4): 21 kB | 9.9 kB | 5.9 kB | 16/24 kB Progress (4): 21 kB | 9.9 kB | 5.9 kB | 20/24 kB Progress (4): 21 kB | 9.9 kB | 5.9 kB | 24 kB Progress (5): 21 kB | 9.9 kB | 5.9 kB | 24 kB | 4.1/14 kB Progress (5): 21 kB | 9.9 kB | 5.9 kB | 24 kB | 8.2/14 kB Progress (5): 21 kB | 9.9 kB | 5.9 kB | 24 kB | 12/14 kB Progress (5): 21 kB | 9.9 kB | 5.9 kB | 24 kB | 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.jar (9.9 kB at 207 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.6/maven-plugin-parameter-documenter-2.0.6.jar (21 kB at 432 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar (5.9 kB at 121 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar Progress (3): 24 kB | 14 kB | 4.1/30 kB Progress (3): 24 kB | 14 kB | 8.2/30 kB Progress (3): 24 kB | 14 kB | 12/30 kB Progress (3): 24 kB | 14 kB | 16/30 kB Progress (3): 24 kB | 14 kB | 20/30 kB Progress (4): 24 kB | 14 kB | 20/30 kB | 4.1/13 kB Progress (4): 24 kB | 14 kB | 25/30 kB | 4.1/13 kB Progress (4): 24 kB | 14 kB | 29/30 kB | 4.1/13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.jar (14 kB at 239 kB/s) Progress (3): 24 kB | 29/30 kB | 8.2/13 kB Progress (4): 24 kB | 29/30 kB | 8.2/13 kB | 4.1/37 kB Downloading from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.jar (24 kB at 422 kB/s) Progress (3): 30 kB | 8.2/13 kB | 4.1/37 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.jar Progress (3): 30 kB | 8.2/13 kB | 8.2/37 kB Progress (3): 30 kB | 12/13 kB | 8.2/37 kB Progress (3): 30 kB | 13 kB | 8.2/37 kB Progress (3): 30 kB | 13 kB | 12/37 kB Progress (3): 30 kB | 13 kB | 16/37 kB Progress (3): 30 kB | 13 kB | 20/37 kB Progress (3): 30 kB | 13 kB | 25/37 kB Progress (3): 30 kB | 13 kB | 29/37 kB Progress (3): 30 kB | 13 kB | 33/37 kB Progress (3): 30 kB | 13 kB | 37/37 kB Progress (3): 30 kB | 13 kB | 37 kB Progress (4): 30 kB | 13 kB | 37 kB | 4.1/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 8.2/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 12/38 kB Progress (4): 30 kB | 13 kB | 37 kB | 16/38 kB Progress (5): 30 kB | 13 kB | 37 kB | 16/38 kB | 4.1/87 kB Progress (5): 30 kB | 13 kB | 37 kB | 20/38 kB | 4.1/87 kB Progress (5): 30 kB | 13 kB | 37 kB | 20/38 kB | 8.2/87 kB Progress (5): 30 kB | 13 kB | 37 kB | 25/38 kB | 8.2/87 kB Progress (5): 30 kB | 13 kB | 37 kB | 25/38 kB | 12/87 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar (13 kB at 200 kB/s) Progress (4): 30 kB | 37 kB | 29/38 kB | 12/87 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.jar (37 kB at 542 kB/s) Progress (3): 30 kB | 29/38 kB | 16/87 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.jar Progress (3): 30 kB | 33/38 kB | 16/87 kB Progress (3): 30 kB | 33/38 kB | 20/87 kB Progress (3): 30 kB | 33/38 kB | 25/87 kB Progress (3): 30 kB | 37/38 kB | 25/87 kB Progress (3): 30 kB | 37/38 kB | 29/87 kB Progress (3): 30 kB | 38 kB | 29/87 kB Progress (3): 30 kB | 38 kB | 33/87 kB Progress (3): 30 kB | 38 kB | 37/87 kB Progress (3): 30 kB | 38 kB | 41/87 kB Progress (3): 30 kB | 38 kB | 45/87 kB Progress (3): 30 kB | 38 kB | 49/87 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.jar (30 kB at 436 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.jar Progress (2): 38 kB | 53/87 kB Progress (2): 38 kB | 57/87 kB Progress (2): 38 kB | 61/87 kB Progress (2): 38 kB | 66/87 kB Progress (2): 38 kB | 70/87 kB Progress (2): 38 kB | 74/87 kB Progress (2): 38 kB | 78/87 kB Progress (2): 38 kB | 82/87 kB Progress (2): 38 kB | 86/87 kB Progress (2): 38 kB | 87 kB Progress (3): 38 kB | 87 kB | 4.1/49 kB Progress (3): 38 kB | 87 kB | 8.2/49 kB Progress (3): 38 kB | 87 kB | 12/49 kB Progress (3): 38 kB | 87 kB | 16/49 kB Progress (3): 38 kB | 87 kB | 20/49 kB Progress (3): 38 kB | 87 kB | 25/49 kB Progress (4): 38 kB | 87 kB | 25/49 kB | 4.1/86 kB Progress (4): 38 kB | 87 kB | 29/49 kB | 4.1/86 kB Progress (4): 38 kB | 87 kB | 29/49 kB | 8.2/86 kB Progress (4): 38 kB | 87 kB | 33/49 kB | 8.2/86 kB Progress (4): 38 kB | 87 kB | 33/49 kB | 12/86 kB Progress (4): 38 kB | 87 kB | 33/49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 37/49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 41/49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 45/49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 16/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 20/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 25/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 29/86 kB Progress (4): 38 kB | 87 kB | 49 kB | 33/86 kB Downloaded from central: https://repo.maven.apache.org/maven2/classworlds/classworlds/1.1/classworlds-1.1.jar (38 kB at 492 kB/s) Progress (3): 87 kB | 49 kB | 37/86 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.jar Progress (3): 87 kB | 49 kB | 41/86 kB Progress (3): 87 kB | 49 kB | 45/86 kB Progress (3): 87 kB | 49 kB | 49/86 kB Progress (4): 87 kB | 49 kB | 49/86 kB | 4.1/10 kB Progress (4): 87 kB | 49 kB | 49/86 kB | 8.2/10 kB Progress (4): 87 kB | 49 kB | 49/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 53/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 57/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 61/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 66/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 70/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 74/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 78/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 82/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 86/86 kB | 10 kB Progress (4): 87 kB | 49 kB | 86 kB | 10 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 4.1/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 8.2/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 12/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 16/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 20/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 25/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 29/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 33/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 37/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 41/194 kB Progress (5): 87 kB | 49 kB | 86 kB | 10 kB | 45/194 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.6/maven-monitor-2.0.6.jar (10 kB at 118 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.6/maven-artifact-2.0.6.jar (87 kB at 993 kB/s) Progress (3): 49 kB | 86 kB | 49/194 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.jar Progress (3): 49 kB | 86 kB | 53/194 kB Progress (3): 49 kB | 86 kB | 57/194 kB Progress (3): 49 kB | 86 kB | 61/194 kB Progress (3): 49 kB | 86 kB | 65/194 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.6/maven-settings-2.0.6.jar (49 kB at 552 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.jar Progress (2): 86 kB | 69/194 kB Progress (2): 86 kB | 73/194 kB Progress (2): 86 kB | 77/194 kB Progress (2): 86 kB | 81/194 kB Progress (2): 86 kB | 85/194 kB Progress (2): 86 kB | 89/194 kB Progress (2): 86 kB | 93/194 kB Progress (2): 86 kB | 97/194 kB Progress (2): 86 kB | 102/194 kB Progress (2): 86 kB | 106/194 kB Progress (2): 86 kB | 110/194 kB Progress (2): 86 kB | 114/194 kB Progress (2): 86 kB | 118/194 kB Progress (2): 86 kB | 122/194 kB Progress (2): 86 kB | 126/194 kB Progress (2): 86 kB | 130/194 kB Progress (2): 86 kB | 134/194 kB Progress (2): 86 kB | 138/194 kB Progress (2): 86 kB | 142/194 kB Progress (2): 86 kB | 147/194 kB Progress (2): 86 kB | 151/194 kB Progress (2): 86 kB | 155/194 kB Progress (2): 86 kB | 159/194 kB Progress (2): 86 kB | 163/194 kB Progress (2): 86 kB | 167/194 kB Progress (2): 86 kB | 171/194 kB Progress (2): 86 kB | 175/194 kB Progress (2): 86 kB | 179/194 kB Progress (3): 86 kB | 179/194 kB | 4.1/223 kB Progress (3): 86 kB | 179/194 kB | 8.2/223 kB Progress (4): 86 kB | 179/194 kB | 8.2/223 kB | 4.1/121 kB Progress (4): 86 kB | 179/194 kB | 12/223 kB | 4.1/121 kB Progress (4): 86 kB | 179/194 kB | 12/223 kB | 8.2/121 kB Progress (4): 86 kB | 179/194 kB | 16/223 kB | 8.2/121 kB Progress (4): 86 kB | 179/194 kB | 16/223 kB | 12/121 kB Progress (4): 86 kB | 179/194 kB | 16/223 kB | 16/121 kB Progress (4): 86 kB | 179/194 kB | 20/223 kB | 16/121 kB Progress (4): 86 kB | 179/194 kB | 25/223 kB | 16/121 kB Progress (4): 86 kB | 179/194 kB | 25/223 kB | 20/121 kB Progress (4): 86 kB | 179/194 kB | 29/223 kB | 20/121 kB Progress (5): 86 kB | 179/194 kB | 29/223 kB | 20/121 kB | 4.1/43 kB Progress (5): 86 kB | 179/194 kB | 29/223 kB | 25/121 kB | 4.1/43 kB Progress (5): 86 kB | 179/194 kB | 29/223 kB | 25/121 kB | 8.2/43 kB Progress (5): 86 kB | 179/194 kB | 33/223 kB | 25/121 kB | 8.2/43 kB Progress (5): 86 kB | 183/194 kB | 33/223 kB | 25/121 kB | 8.2/43 kB Progress (5): 86 kB | 183/194 kB | 33/223 kB | 25/121 kB | 12/43 kB Progress (5): 86 kB | 183/194 kB | 33/223 kB | 29/121 kB | 12/43 kB Progress (5): 86 kB | 183/194 kB | 33/223 kB | 29/121 kB | 16/43 kB Progress (5): 86 kB | 183/194 kB | 33/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 188/194 kB | 33/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 188/194 kB | 37/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 188/194 kB | 41/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 188/194 kB | 45/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 188/194 kB | 49/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 192/194 kB | 49/223 kB | 29/121 kB | 20/43 kB Progress (5): 86 kB | 192/194 kB | 49/223 kB | 29/121 kB | 25/43 kB Progress (5): 86 kB | 192/194 kB | 49/223 kB | 33/121 kB | 25/43 kB Progress (5): 86 kB | 192/194 kB | 49/223 kB | 33/121 kB | 29/43 kB Progress (5): 86 kB | 192/194 kB | 49/223 kB | 33/121 kB | 33/43 kB Progress (5): 86 kB | 194 kB | 49/223 kB | 33/121 kB | 33/43 kB Progress (5): 86 kB | 194 kB | 53/223 kB | 33/121 kB | 33/43 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.6/maven-model-2.0.6.jar (86 kB at 873 kB/s) Progress (4): 194 kB | 57/223 kB | 33/121 kB | 33/43 kB Progress (4): 194 kB | 57/223 kB | 33/121 kB | 37/43 kB Progress (4): 194 kB | 57/223 kB | 37/121 kB | 37/43 kB Progress (4): 194 kB | 57/223 kB | 37/121 kB | 41/43 kB Progress (4): 194 kB | 61/223 kB | 37/121 kB | 41/43 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.jar Progress (4): 194 kB | 65/223 kB | 37/121 kB | 41/43 kB Progress (4): 194 kB | 65/223 kB | 37/121 kB | 43 kB Progress (4): 194 kB | 65/223 kB | 41/121 kB | 43 kB Progress (4): 194 kB | 69/223 kB | 41/121 kB | 43 kB Progress (4): 194 kB | 69/223 kB | 45/121 kB | 43 kB Progress (4): 194 kB | 74/223 kB | 45/121 kB | 43 kB Progress (4): 194 kB | 74/223 kB | 49/121 kB | 43 kB Progress (4): 194 kB | 78/223 kB | 49/121 kB | 43 kB Progress (4): 194 kB | 78/223 kB | 53/121 kB | 43 kB Progress (4): 194 kB | 82/223 kB | 53/121 kB | 43 kB Progress (4): 194 kB | 82/223 kB | 57/121 kB | 43 kB Progress (4): 194 kB | 86/223 kB | 57/121 kB | 43 kB Progress (4): 194 kB | 86/223 kB | 61/121 kB | 43 kB Progress (4): 194 kB | 90/223 kB | 61/121 kB | 43 kB Progress (4): 194 kB | 90/223 kB | 66/121 kB | 43 kB Progress (4): 194 kB | 94/223 kB | 66/121 kB | 43 kB Progress (4): 194 kB | 94/223 kB | 70/121 kB | 43 kB Progress (4): 194 kB | 98/223 kB | 70/121 kB | 43 kB Progress (4): 194 kB | 98/223 kB | 74/121 kB | 43 kB Progress (4): 194 kB | 102/223 kB | 74/121 kB | 43 kB Progress (4): 194 kB | 102/223 kB | 78/121 kB | 43 kB Progress (4): 194 kB | 106/223 kB | 78/121 kB | 43 kB Progress (4): 194 kB | 106/223 kB | 82/121 kB | 43 kB Progress (4): 194 kB | 110/223 kB | 82/121 kB | 43 kB Progress (4): 194 kB | 110/223 kB | 86/121 kB | 43 kB Progress (4): 194 kB | 115/223 kB | 86/121 kB | 43 kB Progress (4): 194 kB | 115/223 kB | 90/121 kB | 43 kB Progress (4): 194 kB | 119/223 kB | 90/121 kB | 43 kB Progress (4): 194 kB | 119/223 kB | 94/121 kB | 43 kB Progress (4): 194 kB | 123/223 kB | 94/121 kB | 43 kB Progress (4): 194 kB | 123/223 kB | 98/121 kB | 43 kB Progress (4): 194 kB | 127/223 kB | 98/121 kB | 43 kB Progress (4): 194 kB | 127/223 kB | 102/121 kB | 43 kB Progress (4): 194 kB | 131/223 kB | 102/121 kB | 43 kB Progress (4): 194 kB | 131/223 kB | 106/121 kB | 43 kB Progress (4): 194 kB | 131/223 kB | 111/121 kB | 43 kB Progress (4): 194 kB | 135/223 kB | 111/121 kB | 43 kB Progress (4): 194 kB | 135/223 kB | 115/121 kB | 43 kB Progress (4): 194 kB | 139/223 kB | 115/121 kB | 43 kB Progress (4): 194 kB | 139/223 kB | 119/121 kB | 43 kB Progress (4): 194 kB | 143/223 kB | 119/121 kB | 43 kB Progress (4): 194 kB | 143/223 kB | 121 kB | 43 kB Progress (4): 194 kB | 147/223 kB | 121 kB | 43 kB Progress (4): 194 kB | 151/223 kB | 121 kB | 43 kB Progress (4): 194 kB | 156/223 kB | 121 kB | 43 kB Progress (4): 194 kB | 160/223 kB | 121 kB | 43 kB Progress (4): 194 kB | 164/223 kB | 121 kB | 43 kB Progress (5): 194 kB | 164/223 kB | 121 kB | 43 kB | 4.1/6.8 kB Progress (5): 194 kB | 164/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 168/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 172/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 176/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 180/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 184/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 188/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 192/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 196/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 201/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 205/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 209/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 213/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 217/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 221/223 kB | 121 kB | 43 kB | 6.8 kB Progress (5): 194 kB | 223 kB | 121 kB | 43 kB | 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-build-api/0.0.4/plexus-build-api-0.0.4.jar (6.8 kB at 59 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-filtering/1.1/maven-filtering-1.1.jar (43 kB at 372 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.jar Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.1/junit-3.8.1.jar (121 kB at 1.0 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9-stable-1/plexus-container-default-1.0-alpha-9-stable-1.jar (194 kB at 1.6 MB/s) Progress (2): 223 kB | 4.1/61 kB Progress (2): 223 kB | 8.2/61 kB Progress (2): 223 kB | 12/61 kB Progress (2): 223 kB | 16/61 kB Progress (2): 223 kB | 20/61 kB Progress (2): 223 kB | 25/61 kB Progress (2): 223 kB | 29/61 kB Progress (2): 223 kB | 33/61 kB Progress (2): 223 kB | 37/61 kB Progress (2): 223 kB | 41/61 kB Progress (2): 223 kB | 45/61 kB Progress (2): 223 kB | 49/61 kB Progress (2): 223 kB | 53/61 kB Progress (2): 223 kB | 57/61 kB Progress (2): 223 kB | 61 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar (223 kB at 1.8 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.13/plexus-interpolation-1.13.jar (61 kB at 446 kB/s) [WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent! [INFO] skip non existing resourceDirectory /work/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.pom (1.5 kB at 75 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.9/maven-2.0.9.pom Progress (1): 4.1/19 kB Progress (1): 8.2/19 kB Progress (1): 12/19 kB Progress (1): 16/19 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.9/maven-2.0.9.pom (19 kB at 995 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/8/maven-parent-8.pom Progress (1): 4.1/24 kB Progress (1): 8.2/24 kB Progress (1): 12/24 kB Progress (1): 16/24 kB Progress (1): 20/24 kB Progress (1): 24 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/8/maven-parent-8.pom (24 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/4/apache-4.pom Progress (1): 4.1/4.5 kB Progress (1): 4.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/4/apache-4.pom (4.5 kB at 237 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.pom (1.6 kB at 85 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.pom (2.3 kB at 121 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.pom Progress (1): 4.1/7.8 kB Progress (1): 7.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.pom (7.8 kB at 410 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.pom (2.1 kB at 103 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.pom (3.1 kB at 174 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.pom (2.0 kB at 109 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom (2.0 kB at 108 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom (1.9 kB at 41 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom (1.7 kB at 92 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.pom (2.7 kB at 143 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.pom (2.7 kB at 142 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.pom (2.0 kB at 99 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.pom (2.1 kB at 104 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.pom (1.3 kB at 68 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.pom Progress (1): 3.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.pom (3.4 kB at 180 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.pom (4.0 kB at 131 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/18/maven-shared-components-18.pom Progress (1): 4.1/4.9 kB Progress (1): 4.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/18/maven-shared-components-18.pom (4.9 kB at 260 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.pom Progress (1): 965 B Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.pom (965 B at 51 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.pom Progress (1): 4.1/4.7 kB Progress (1): 4.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.pom (4.7 kB at 250 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/19/maven-shared-components-19.pom Progress (1): 4.1/6.4 kB Progress (1): 6.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/19/maven-shared-components-19.pom (6.4 kB at 335 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.2.1/maven-plugin-api-2.2.1.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.2.1/maven-plugin-api-2.2.1.pom (1.5 kB at 77 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.2.1/maven-2.2.1.pom Progress (1): 4.1/22 kB Progress (1): 8.2/22 kB Progress (1): 12/22 kB Progress (1): 16/22 kB Progress (1): 20/22 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.2.1/maven-2.2.1.pom (22 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/11/maven-parent-11.pom Progress (1): 4.1/32 kB Progress (1): 8.2/32 kB Progress (1): 12/32 kB Progress (1): 16/32 kB Progress (1): 20/32 kB Progress (1): 25/32 kB Progress (1): 29/32 kB Progress (1): 32 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/11/maven-parent-11.pom (32 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/5/apache-5.pom Progress (1): 4.1/4.1 kB Progress (1): 4.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/5/apache-5.pom (4.1 kB at 216 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.2.1/maven-core-2.2.1.pom Progress (1): 4.1/12 kB Progress (1): 8.2/12 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.2.1/maven-core-2.2.1.pom (12 kB at 612 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.2.1/maven-settings-2.2.1.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.2.1/maven-settings-2.2.1.pom (2.2 kB at 115 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.2.1/maven-model-2.2.1.pom Progress (1): 3.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.2.1/maven-model-2.2.1.pom (3.2 kB at 171 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.11/plexus-interpolation-1.11.pom Progress (1): 889 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.11/plexus-interpolation-1.11.pom (889 B at 47 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.2.1/maven-plugin-parameter-documenter-2.2.1.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.2.1/maven-plugin-parameter-documenter-2.2.1.pom (2.0 kB at 98 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-jdk14/1.5.6/slf4j-jdk14-1.5.6.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-jdk14/1.5.6/slf4j-jdk14-1.5.6.pom (1.9 kB at 100 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.5.6/slf4j-parent-1.5.6.pom Progress (1): 4.1/7.9 kB Progress (1): 7.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.5.6/slf4j-parent-1.5.6.pom (7.9 kB at 417 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.5.6/slf4j-api-1.5.6.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.5.6/slf4j-api-1.5.6.pom (3.0 kB at 149 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/jcl-over-slf4j/1.5.6/jcl-over-slf4j-1.5.6.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/jcl-over-slf4j/1.5.6/jcl-over-slf4j-1.5.6.pom (2.2 kB at 108 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.2.1/maven-profile-2.2.1.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.2.1/maven-profile-2.2.1.pom (2.2 kB at 114 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.2.1/maven-artifact-2.2.1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.2.1/maven-artifact-2.2.1.pom (1.6 kB at 83 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom (1.9 kB at 104 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom (1.7 kB at 90 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom (2.8 kB at 139 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.2.1/maven-artifact-manager-2.2.1.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.2.1/maven-artifact-manager-2.2.1.pom (3.1 kB at 163 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.pom Progress (1): 880 B Downloaded from central: https://repo.maven.apache.org/maven2/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.pom (880 B at 46 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.2.1/maven-plugin-registry-2.2.1.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.2.1/maven-plugin-registry-2.2.1.pom (1.9 kB at 96 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.2.1/maven-plugin-descriptor-2.2.1.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.2.1/maven-plugin-descriptor-2.2.1.pom (2.1 kB at 109 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.2.1/maven-monitor-2.2.1.pom Progress (1): 1.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.2.1/maven-monitor-2.2.1.pom (1.3 kB at 70 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.pom (3.0 kB at 156 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/12/spice-parent-12.pom Progress (1): 4.1/6.8 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/12/spice-parent-12.pom (6.8 kB at 340 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/4/forge-parent-4.pom Progress (1): 4.1/8.4 kB Progress (1): 8.2/8.4 kB Progress (1): 8.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/4/forge-parent-4.pom (8.4 kB at 442 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.pom Progress (1): 4.1/5.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.pom (5.1 kB at 271 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.pom (2.1 kB at 109 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.pom Progress (1): 815 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.pom (815 B at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.5.5/plexus-containers-1.5.5.pom Progress (1): 4.1/4.2 kB Progress (1): 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/1.5.5/plexus-containers-1.5.5.pom (4.2 kB at 223 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.7/plexus-2.0.7.pom Progress (1): 4.1/17 kB Progress (1): 8.2/17 kB Progress (1): 12/17 kB Progress (1): 16/17 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/2.0.7/plexus-2.0.7.pom (17 kB at 910 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.pom Progress (1): 865 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.pom (865 B at 48 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler/2.2/plexus-compiler-2.2.pom Progress (1): 3.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler/2.2/plexus-compiler-2.2.pom (3.6 kB at 190 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.3.1/plexus-components-1.3.1.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.3.1/plexus-components-1.3.1.pom (3.1 kB at 170 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.3.1/plexus-3.3.1.pom Progress (1): 4.1/20 kB Progress (1): 8.2/20 kB Progress (1): 12/20 kB Progress (1): 16/20 kB Progress (1): 20/20 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.3.1/plexus-3.3.1.pom (20 kB at 1.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/17/spice-parent-17.pom Progress (1): 4.1/6.8 kB Progress (1): 6.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/17/spice-parent-17.pom (6.8 kB at 356 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/10/forge-parent-10.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/10/forge-parent-10.pom (14 kB at 714 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.pom (3.1 kB at 165 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.2/plexus-3.2.pom Progress (1): 4.1/19 kB Progress (1): 8.2/19 kB Progress (1): 12/19 kB Progress (1): 16/19 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/3.2/plexus-3.2.pom (19 kB at 937 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.pom Progress (1): 690 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.pom (690 B at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.pom Progress (1): 769 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.pom (769 B at 43 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compilers/2.2/plexus-compilers-2.2.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compilers/2.2/plexus-compilers-2.2.pom (1.2 kB at 65 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.pom (2.8 kB at 145 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.5/plexus-utils-1.4.5.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.5/plexus-utils-1.4.5.pom (2.3 kB at 126 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom (4.0 kB at 224 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom (2.8 kB at 148 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom Progress (1): 4.1/19 kB Progress (1): 8.2/19 kB Progress (1): 12/19 kB Progress (1): 16/19 kB Progress (1): 19 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom (19 kB at 975 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.pom Progress (1): 145 B Downloaded from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.pom (145 B at 8.1 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom Progress (1): 4.1/5.3 kB Progress (1): 5.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.pom (5.3 kB at 281 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.pom (2.5 kB at 124 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/google/1/google-1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/google/1/google-1.pom (1.6 kB at 82 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.pom Progress (1): 747 B Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.pom (747 B at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.jar Progress (1): 4.1/211 kB Progress (1): 8.2/211 kB Progress (1): 12/211 kB Progress (1): 16/211 kB Progress (1): 20/211 kB Progress (1): 25/211 kB Progress (1): 29/211 kB Progress (1): 33/211 kB Progress (2): 33/211 kB | 4.1/89 kB Progress (2): 37/211 kB | 4.1/89 kB Progress (2): 37/211 kB | 8.2/89 kB Progress (2): 41/211 kB | 8.2/89 kB Progress (2): 41/211 kB | 12/89 kB Progress (2): 45/211 kB | 12/89 kB Progress (2): 45/211 kB | 16/89 kB Progress (3): 45/211 kB | 16/89 kB | 4.1/49 kB Progress (3): 49/211 kB | 16/89 kB | 4.1/49 kB Progress (3): 49/211 kB | 16/89 kB | 8.2/49 kB Progress (3): 53/211 kB | 16/89 kB | 8.2/49 kB Progress (3): 57/211 kB | 16/89 kB | 8.2/49 kB Progress (3): 61/211 kB | 16/89 kB | 8.2/49 kB Progress (3): 65/211 kB | 16/89 kB | 8.2/49 kB Progress (4): 65/211 kB | 16/89 kB | 8.2/49 kB | 4.1/160 kB Progress (4): 69/211 kB | 16/89 kB | 8.2/49 kB | 4.1/160 kB Progress (4): 69/211 kB | 16/89 kB | 12/49 kB | 4.1/160 kB Progress (5): 69/211 kB | 16/89 kB | 12/49 kB | 4.1/160 kB | 4.1/13 kB Progress (5): 69/211 kB | 16/89 kB | 16/49 kB | 4.1/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 16/89 kB | 16/49 kB | 4.1/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 16/89 kB | 20/49 kB | 4.1/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 16/89 kB | 20/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 20/89 kB | 20/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 20/89 kB | 25/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 20/89 kB | 29/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 73/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 77/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 4.1/13 kB Progress (5): 77/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 8.2/13 kB Progress (5): 77/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 12/13 kB Progress (5): 77/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 13 kB Progress (5): 82/211 kB | 20/89 kB | 33/49 kB | 8.2/160 kB | 13 kB Progress (5): 82/211 kB | 20/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 86/211 kB | 20/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 90/211 kB | 20/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 94/211 kB | 20/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 98/211 kB | 20/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 98/211 kB | 25/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 98/211 kB | 29/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 98/211 kB | 33/89 kB | 37/49 kB | 8.2/160 kB | 13 kB Progress (5): 98/211 kB | 33/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 98/211 kB | 37/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 98/211 kB | 41/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 98/211 kB | 45/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 98/211 kB | 49/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 102/211 kB | 49/89 kB | 37/49 kB | 12/160 kB | 13 kB Progress (5): 102/211 kB | 49/89 kB | 41/49 kB | 12/160 kB | 13 kB Progress (5): 102/211 kB | 49/89 kB | 45/49 kB | 12/160 kB | 13 kB Progress (5): 102/211 kB | 49/89 kB | 49 kB | 12/160 kB | 13 kB Progress (5): 106/211 kB | 49/89 kB | 49 kB | 12/160 kB | 13 kB Progress (5): 110/211 kB | 49/89 kB | 49 kB | 12/160 kB | 13 kB Progress (5): 114/211 kB | 49/89 kB | 49 kB | 12/160 kB | 13 kB Progress (5): 114/211 kB | 49/89 kB | 49 kB | 16/160 kB | 13 kB Progress (5): 118/211 kB | 49/89 kB | 49 kB | 16/160 kB | 13 kB Progress (5): 118/211 kB | 53/89 kB | 49 kB | 16/160 kB | 13 kB Progress (5): 118/211 kB | 53/89 kB | 49 kB | 20/160 kB | 13 kB Progress (5): 122/211 kB | 53/89 kB | 49 kB | 20/160 kB | 13 kB Progress (5): 122/211 kB | 53/89 kB | 49 kB | 25/160 kB | 13 kB Progress (5): 122/211 kB | 53/89 kB | 49 kB | 29/160 kB | 13 kB Progress (5): 122/211 kB | 53/89 kB | 49 kB | 33/160 kB | 13 kB Progress (5): 122/211 kB | 57/89 kB | 49 kB | 33/160 kB | 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/2.0.9/maven-plugin-api-2.0.9.jar (13 kB at 445 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/2.0.9/maven-settings-2.0.9.jar (49 kB at 1.8 MB/s) Progress (3): 122/211 kB | 57/89 kB | 37/160 kB Progress (3): 122/211 kB | 57/89 kB | 41/160 kB Progress (3): 122/211 kB | 57/89 kB | 45/160 kB Progress (3): 122/211 kB | 57/89 kB | 49/160 kB Progress (3): 127/211 kB | 57/89 kB | 49/160 kB Progress (3): 127/211 kB | 57/89 kB | 53/160 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.jar Progress (3): 127/211 kB | 61/89 kB | 53/160 kB Progress (3): 127/211 kB | 61/89 kB | 57/160 kB Progress (3): 127/211 kB | 66/89 kB | 57/160 kB Progress (3): 127/211 kB | 66/89 kB | 61/160 kB Progress (3): 127/211 kB | 66/89 kB | 64/160 kB Progress (3): 127/211 kB | 70/89 kB | 64/160 kB Progress (3): 127/211 kB | 74/89 kB | 64/160 kB Progress (3): 127/211 kB | 74/89 kB | 68/160 kB Progress (3): 127/211 kB | 78/89 kB | 68/160 kB Progress (3): 127/211 kB | 78/89 kB | 73/160 kB Progress (3): 127/211 kB | 82/89 kB | 73/160 kB Progress (3): 127/211 kB | 82/89 kB | 77/160 kB Progress (3): 127/211 kB | 86/89 kB | 77/160 kB Progress (3): 127/211 kB | 86/89 kB | 81/160 kB Progress (3): 127/211 kB | 89 kB | 81/160 kB Progress (3): 127/211 kB | 89 kB | 85/160 kB Progress (3): 127/211 kB | 89 kB | 89/160 kB Progress (3): 127/211 kB | 89 kB | 93/160 kB Progress (3): 127/211 kB | 89 kB | 97/160 kB Progress (3): 127/211 kB | 89 kB | 101/160 kB Progress (3): 127/211 kB | 89 kB | 105/160 kB Progress (3): 127/211 kB | 89 kB | 109/160 kB Progress (3): 127/211 kB | 89 kB | 113/160 kB Progress (3): 127/211 kB | 89 kB | 118/160 kB Progress (3): 127/211 kB | 89 kB | 122/160 kB Progress (3): 127/211 kB | 89 kB | 126/160 kB Progress (3): 127/211 kB | 89 kB | 130/160 kB Progress (3): 127/211 kB | 89 kB | 134/160 kB Progress (3): 127/211 kB | 89 kB | 138/160 kB Progress (3): 127/211 kB | 89 kB | 142/160 kB Progress (3): 127/211 kB | 89 kB | 146/160 kB Progress (3): 127/211 kB | 89 kB | 150/160 kB Progress (3): 127/211 kB | 89 kB | 154/160 kB Progress (3): 127/211 kB | 89 kB | 159/160 kB Progress (3): 127/211 kB | 89 kB | 160 kB Progress (3): 131/211 kB | 89 kB | 160 kB Progress (3): 135/211 kB | 89 kB | 160 kB Progress (3): 139/211 kB | 89 kB | 160 kB Progress (3): 143/211 kB | 89 kB | 160 kB Progress (3): 147/211 kB | 89 kB | 160 kB Progress (3): 151/211 kB | 89 kB | 160 kB Progress (3): 155/211 kB | 89 kB | 160 kB Progress (3): 159/211 kB | 89 kB | 160 kB Progress (3): 163/211 kB | 89 kB | 160 kB Progress (3): 168/211 kB | 89 kB | 160 kB Progress (3): 172/211 kB | 89 kB | 160 kB Progress (3): 176/211 kB | 89 kB | 160 kB Progress (3): 180/211 kB | 89 kB | 160 kB Progress (3): 184/211 kB | 89 kB | 160 kB Progress (3): 188/211 kB | 89 kB | 160 kB Progress (3): 192/211 kB | 89 kB | 160 kB Progress (3): 196/211 kB | 89 kB | 160 kB Progress (3): 200/211 kB | 89 kB | 160 kB Progress (3): 204/211 kB | 89 kB | 160 kB Progress (3): 208/211 kB | 89 kB | 160 kB Progress (3): 211 kB | 89 kB | 160 kB Progress (4): 211 kB | 89 kB | 160 kB | 4.1/35 kB Progress (4): 211 kB | 89 kB | 160 kB | 8.2/35 kB Progress (4): 211 kB | 89 kB | 160 kB | 12/35 kB Progress (4): 211 kB | 89 kB | 160 kB | 16/35 kB Progress (4): 211 kB | 89 kB | 160 kB | 20/35 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/2.0.9/maven-artifact-2.0.9.jar (89 kB at 2.3 MB/s) Progress (3): 211 kB | 160 kB | 24/35 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.jar Progress (3): 211 kB | 160 kB | 28/35 kB Progress (3): 211 kB | 160 kB | 32/35 kB Progress (3): 211 kB | 160 kB | 35 kB Progress (4): 211 kB | 160 kB | 35 kB | 4.1/21 kB Progress (4): 211 kB | 160 kB | 35 kB | 8.2/21 kB Progress (4): 211 kB | 160 kB | 35 kB | 12/21 kB Progress (4): 211 kB | 160 kB | 35 kB | 16/21 kB Progress (4): 211 kB | 160 kB | 35 kB | 20/21 kB Progress (4): 211 kB | 160 kB | 35 kB | 21 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/2.0.9/maven-core-2.0.9.jar (160 kB at 3.8 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.jar Progress (4): 211 kB | 35 kB | 21 kB | 4.1/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 8.2/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 12/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 16/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 20/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 25/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 29/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 33/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 37/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 41/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 45/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 49/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 53/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 57/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 61/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 66/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 70/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 74/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 78/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 82/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 86/87 kB Progress (4): 211 kB | 35 kB | 21 kB | 87 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 4.1/25 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 8.2/25 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 12/25 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 16/25 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 20/25 kB Progress (5): 211 kB | 35 kB | 21 kB | 87 kB | 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-parameter-documenter/2.0.9/maven-plugin-parameter-documenter-2.0.9.jar (21 kB at 418 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.jar (35 kB at 693 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.jar (211 kB at 3.8 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.jar Progress (3): 87 kB | 25 kB | 4.1/14 kB Progress (3): 87 kB | 25 kB | 8.2/14 kB Progress (3): 87 kB | 25 kB | 12/14 kB Progress (3): 87 kB | 25 kB | 14 kB Progress (4): 87 kB | 25 kB | 14 kB | 4.1/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 8.2/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 12/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 16/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 20/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 25/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 29/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 33/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 37/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 41/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 45/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 49/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 53/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 57/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 61/122 kB Progress (4): 87 kB | 25 kB | 14 kB | 66/122 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.jar (25 kB at 409 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/2.0.9/maven-model-2.0.9.jar (87 kB at 1.5 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.jar Progress (2): 14 kB | 70/122 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.jar Progress (2): 14 kB | 74/122 kB Progress (2): 14 kB | 78/122 kB Progress (2): 14 kB | 82/122 kB Progress (2): 14 kB | 86/122 kB Progress (2): 14 kB | 90/122 kB Progress (2): 14 kB | 94/122 kB Progress (2): 14 kB | 98/122 kB Progress (2): 14 kB | 102/122 kB Progress (2): 14 kB | 106/122 kB Progress (2): 14 kB | 111/122 kB Progress (2): 14 kB | 115/122 kB Progress (2): 14 kB | 119/122 kB Progress (2): 14 kB | 122 kB Progress (3): 14 kB | 122 kB | 4.1/29 kB Progress (3): 14 kB | 122 kB | 8.2/29 kB Progress (3): 14 kB | 122 kB | 12/29 kB Progress (3): 14 kB | 122 kB | 16/29 kB Progress (3): 14 kB | 122 kB | 20/29 kB Progress (3): 14 kB | 122 kB | 25/29 kB Progress (3): 14 kB | 122 kB | 29/29 kB Progress (3): 14 kB | 122 kB | 29 kB Progress (4): 14 kB | 122 kB | 29 kB | 4.1/58 kB Progress (4): 14 kB | 122 kB | 29 kB | 8.2/58 kB Progress (4): 14 kB | 122 kB | 29 kB | 12/58 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.jar (14 kB at 203 kB/s) Progress (3): 122 kB | 29 kB | 16/58 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.jar Progress (3): 122 kB | 29 kB | 20/58 kB Progress (3): 122 kB | 29 kB | 25/58 kB Progress (3): 122 kB | 29 kB | 29/58 kB Progress (3): 122 kB | 29 kB | 33/58 kB Progress (4): 122 kB | 29 kB | 33/58 kB | 4.1/37 kB Progress (4): 122 kB | 29 kB | 37/58 kB | 4.1/37 kB Progress (4): 122 kB | 29 kB | 37/58 kB | 8.2/37 kB Progress (4): 122 kB | 29 kB | 41/58 kB | 8.2/37 kB Progress (4): 122 kB | 29 kB | 41/58 kB | 12/37 kB Progress (4): 122 kB | 29 kB | 45/58 kB | 12/37 kB Progress (4): 122 kB | 29 kB | 45/58 kB | 16/37 kB Progress (4): 122 kB | 29 kB | 49/58 kB | 16/37 kB Progress (4): 122 kB | 29 kB | 49/58 kB | 20/37 kB Progress (4): 122 kB | 29 kB | 53/58 kB | 20/37 kB Progress (4): 122 kB | 29 kB | 53/58 kB | 25/37 kB Progress (4): 122 kB | 29 kB | 57/58 kB | 25/37 kB Progress (4): 122 kB | 29 kB | 57/58 kB | 29/37 kB Progress (4): 122 kB | 29 kB | 58 kB | 29/37 kB Progress (4): 122 kB | 29 kB | 58 kB | 33/37 kB Progress (4): 122 kB | 29 kB | 58 kB | 37/37 kB Progress (4): 122 kB | 29 kB | 58 kB | 37 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.9/maven-plugin-registry-2.0.9.jar (29 kB at 409 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.0.9/maven-project-2.0.9.jar (122 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.jar Progress (3): 58 kB | 37 kB | 4.1/10 kB Progress (3): 58 kB | 37 kB | 8.2/10 kB Progress (3): 58 kB | 37 kB | 10 kB Progress (4): 58 kB | 37 kB | 10 kB | 4.1/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 8.2/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 12/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 16/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 20/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 25/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 29/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 33/33 kB Progress (4): 58 kB | 37 kB | 10 kB | 33 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 4.1/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 8.2/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 12/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 16/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 20/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 25/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 29/155 kB Progress (5): 58 kB | 37 kB | 10 kB | 33 kB | 33/155 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.9/maven-plugin-descriptor-2.0.9.jar (37 kB at 446 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact-manager/2.0.9/maven-artifact-manager-2.0.9.jar (58 kB at 697 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.jar Progress (3): 10 kB | 33 kB | 37/155 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.jar Progress (3): 10 kB | 33 kB | 41/155 kB Progress (3): 10 kB | 33 kB | 45/155 kB Progress (3): 10 kB | 33 kB | 49/155 kB Progress (3): 10 kB | 33 kB | 53/155 kB Progress (3): 10 kB | 33 kB | 57/155 kB Progress (3): 10 kB | 33 kB | 61/155 kB Progress (3): 10 kB | 33 kB | 64/155 kB Progress (3): 10 kB | 33 kB | 68/155 kB Progress (3): 10 kB | 33 kB | 73/155 kB Progress (3): 10 kB | 33 kB | 77/155 kB Progress (3): 10 kB | 33 kB | 81/155 kB Progress (3): 10 kB | 33 kB | 85/155 kB Progress (3): 10 kB | 33 kB | 89/155 kB Progress (3): 10 kB | 33 kB | 93/155 kB Progress (3): 10 kB | 33 kB | 97/155 kB Progress (3): 10 kB | 33 kB | 101/155 kB Progress (3): 10 kB | 33 kB | 105/155 kB Progress (3): 10 kB | 33 kB | 109/155 kB Progress (3): 10 kB | 33 kB | 113/155 kB Progress (4): 10 kB | 33 kB | 113/155 kB | 4.1/14 kB Progress (4): 10 kB | 33 kB | 113/155 kB | 8.2/14 kB Progress (4): 10 kB | 33 kB | 113/155 kB | 12/14 kB Progress (4): 10 kB | 33 kB | 113/155 kB | 14 kB Progress (5): 10 kB | 33 kB | 113/155 kB | 14 kB | 4.1/32 kB Progress (5): 10 kB | 33 kB | 118/155 kB | 14 kB | 4.1/32 kB Progress (5): 10 kB | 33 kB | 118/155 kB | 14 kB | 8.2/32 kB Progress (5): 10 kB | 33 kB | 122/155 kB | 14 kB | 8.2/32 kB Progress (5): 10 kB | 33 kB | 122/155 kB | 14 kB | 12/32 kB Progress (5): 10 kB | 33 kB | 126/155 kB | 14 kB | 12/32 kB Progress (5): 10 kB | 33 kB | 126/155 kB | 14 kB | 16/32 kB Progress (5): 10 kB | 33 kB | 130/155 kB | 14 kB | 16/32 kB Progress (5): 10 kB | 33 kB | 134/155 kB | 14 kB | 16/32 kB Progress (5): 10 kB | 33 kB | 138/155 kB | 14 kB | 16/32 kB Progress (5): 10 kB | 33 kB | 138/155 kB | 14 kB | 20/32 kB Progress (5): 10 kB | 33 kB | 142/155 kB | 14 kB | 20/32 kB Progress (5): 10 kB | 33 kB | 142/155 kB | 14 kB | 25/32 kB Progress (5): 10 kB | 33 kB | 142/155 kB | 14 kB | 29/32 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-monitor/2.0.9/maven-monitor-2.0.9.jar (10 kB at 112 kB/s) Progress (4): 33 kB | 146/155 kB | 14 kB | 29/32 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar Progress (4): 33 kB | 146/155 kB | 14 kB | 32 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/1.0/maven-toolchain-1.0.jar (33 kB at 354 kB/s) Progress (3): 150/155 kB | 14 kB | 32 kB Progress (3): 154/155 kB | 14 kB | 32 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.jar Progress (3): 155 kB | 14 kB | 32 kB Progress (4): 155 kB | 14 kB | 32 kB | 4.1/4.2 kB Progress (4): 155 kB | 14 kB | 32 kB | 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-incremental/1.1/maven-shared-incremental-1.1.jar (14 kB at 133 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.jar Progress (4): 155 kB | 32 kB | 4.2 kB | 4.1/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 8.2/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 12/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 16/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 20/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 25/25 kB Progress (4): 155 kB | 32 kB | 4.2 kB | 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.jar (155 kB at 1.5 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/2.0.1/jsr305-2.0.1.jar (32 kB at 303 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar (4.2 kB at 39 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.jar Progress (2): 25 kB | 4.1/4.6 kB Progress (2): 25 kB | 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.jar (25 kB at 223 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.jar Progress (2): 4.6 kB | 4.1/217 kB Progress (2): 4.6 kB | 8.2/217 kB Progress (2): 4.6 kB | 12/217 kB Progress (2): 4.6 kB | 16/217 kB Progress (2): 4.6 kB | 20/217 kB Progress (2): 4.6 kB | 25/217 kB Progress (2): 4.6 kB | 29/217 kB Progress (2): 4.6 kB | 33/217 kB Progress (2): 4.6 kB | 37/217 kB Progress (2): 4.6 kB | 41/217 kB Progress (2): 4.6 kB | 45/217 kB Progress (2): 4.6 kB | 49/217 kB Progress (2): 4.6 kB | 53/217 kB Progress (2): 4.6 kB | 57/217 kB Progress (2): 4.6 kB | 61/217 kB Progress (2): 4.6 kB | 66/217 kB Progress (2): 4.6 kB | 70/217 kB Progress (2): 4.6 kB | 74/217 kB Progress (2): 4.6 kB | 78/217 kB Progress (2): 4.6 kB | 82/217 kB Progress (2): 4.6 kB | 86/217 kB Progress (2): 4.6 kB | 90/217 kB Progress (2): 4.6 kB | 94/217 kB Progress (2): 4.6 kB | 98/217 kB Progress (3): 4.6 kB | 98/217 kB | 4.1/19 kB Progress (3): 4.6 kB | 102/217 kB | 4.1/19 kB Progress (3): 4.6 kB | 106/217 kB | 4.1/19 kB Progress (3): 4.6 kB | 106/217 kB | 8.2/19 kB Progress (3): 4.6 kB | 111/217 kB | 8.2/19 kB Progress (4): 4.6 kB | 111/217 kB | 8.2/19 kB | 4.1/46 kB Progress (4): 4.6 kB | 115/217 kB | 8.2/19 kB | 4.1/46 kB Progress (4): 4.6 kB | 115/217 kB | 12/19 kB | 4.1/46 kB Progress (4): 4.6 kB | 119/217 kB | 12/19 kB | 4.1/46 kB Progress (4): 4.6 kB | 119/217 kB | 12/19 kB | 8.2/46 kB Progress (4): 4.6 kB | 123/217 kB | 12/19 kB | 8.2/46 kB Progress (4): 4.6 kB | 123/217 kB | 16/19 kB | 8.2/46 kB Progress (4): 4.6 kB | 127/217 kB | 16/19 kB | 8.2/46 kB Progress (4): 4.6 kB | 127/217 kB | 16/19 kB | 12/46 kB Progress (4): 4.6 kB | 127/217 kB | 19 kB | 12/46 kB Progress (4): 4.6 kB | 131/217 kB | 19 kB | 12/46 kB Progress (4): 4.6 kB | 131/217 kB | 19 kB | 16/46 kB Progress (4): 4.6 kB | 135/217 kB | 19 kB | 16/46 kB Progress (4): 4.6 kB | 139/217 kB | 19 kB | 16/46 kB Progress (4): 4.6 kB | 139/217 kB | 19 kB | 20/46 kB Progress (4): 4.6 kB | 143/217 kB | 19 kB | 20/46 kB Progress (4): 4.6 kB | 143/217 kB | 19 kB | 25/46 kB Progress (4): 4.6 kB | 147/217 kB | 19 kB | 25/46 kB Progress (4): 4.6 kB | 147/217 kB | 19 kB | 29/46 kB Progress (4): 4.6 kB | 152/217 kB | 19 kB | 29/46 kB Progress (4): 4.6 kB | 152/217 kB | 19 kB | 33/46 kB Progress (4): 4.6 kB | 156/217 kB | 19 kB | 33/46 kB Progress (4): 4.6 kB | 160/217 kB | 19 kB | 33/46 kB Progress (4): 4.6 kB | 164/217 kB | 19 kB | 33/46 kB Progress (4): 4.6 kB | 168/217 kB | 19 kB | 33/46 kB Progress (4): 4.6 kB | 168/217 kB | 19 kB | 37/46 kB Progress (4): 4.6 kB | 172/217 kB | 19 kB | 37/46 kB Progress (4): 4.6 kB | 172/217 kB | 19 kB | 41/46 kB Progress (4): 4.6 kB | 176/217 kB | 19 kB | 41/46 kB Progress (4): 4.6 kB | 176/217 kB | 19 kB | 45/46 kB Progress (4): 4.6 kB | 180/217 kB | 19 kB | 45/46 kB Progress (4): 4.6 kB | 180/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 184/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 188/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 193/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 197/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 201/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 205/217 kB | 19 kB | 46 kB Progress (4): 4.6 kB | 209/217 kB | 19 kB | 46 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-manager/2.2/plexus-compiler-manager-2.2.jar (4.6 kB at 39 kB/s) Progress (3): 213/217 kB | 19 kB | 46 kB Downloading from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar Progress (3): 217 kB | 19 kB | 46 kB Progress (4): 217 kB | 19 kB | 46 kB | 4.1/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 8.2/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 12/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 16/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 20/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 25/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 29/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 33/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 37/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 41/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 45/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 49/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 53/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 57/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 61/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 66/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 70/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 74/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 78/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 82/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 86/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 90/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 94/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 98/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 102/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 106/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 111/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 115/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 119/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 123/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 127/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 131/134 kB Progress (4): 217 kB | 19 kB | 46 kB | 134 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 4.1/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 8.2/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 12/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 16/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 20/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 25/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 29/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 33/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 37/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 41/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 45/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 49/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 53/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 57/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 61/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 66/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 70/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 74/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 78/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 82/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 86/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 90/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 94/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 98/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 102/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 106/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 111/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 115/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 119/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 123/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 127/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 131/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 135/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 139/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 143/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 147/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 152/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 156/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 160/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 164/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 168/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 172/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 176/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 180/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 184/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 188/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 193/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 197/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 201/358 kB Progress (5): 217 kB | 19 kB | 46 kB | 134 kB | 205/358 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.jar (217 kB at 1.7 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.jar (19 kB at 146 kB/s) Progress (3): 46 kB | 134 kB | 209/358 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.jar (46 kB at 352 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar Downloading from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.jar Progress (2): 134 kB | 213/358 kB Progress (2): 134 kB | 217/358 kB Progress (2): 134 kB | 221/358 kB Progress (2): 134 kB | 225/358 kB Progress (2): 134 kB | 229/358 kB Progress (2): 134 kB | 233/358 kB Progress (2): 134 kB | 238/358 kB Progress (2): 134 kB | 242/358 kB Progress (2): 134 kB | 246/358 kB Progress (2): 134 kB | 250/358 kB Progress (2): 134 kB | 254/358 kB Progress (2): 134 kB | 258/358 kB Progress (2): 134 kB | 262/358 kB Progress (2): 134 kB | 266/358 kB Progress (2): 134 kB | 270/358 kB Progress (2): 134 kB | 274/358 kB Progress (2): 134 kB | 279/358 kB Progress (2): 134 kB | 283/358 kB Progress (2): 134 kB | 287/358 kB Progress (2): 134 kB | 291/358 kB Progress (2): 134 kB | 295/358 kB Progress (2): 134 kB | 299/358 kB Progress (2): 134 kB | 303/358 kB Progress (2): 134 kB | 307/358 kB Progress (2): 134 kB | 311/358 kB Progress (2): 134 kB | 315/358 kB Progress (2): 134 kB | 319/358 kB Progress (2): 134 kB | 324/358 kB Progress (2): 134 kB | 328/358 kB Progress (2): 134 kB | 332/358 kB Progress (2): 134 kB | 336/358 kB Progress (2): 134 kB | 340/358 kB Progress (2): 134 kB | 344/358 kB Progress (2): 134 kB | 348/358 kB Progress (2): 134 kB | 352/358 kB Progress (2): 134 kB | 356/358 kB Progress (2): 134 kB | 358 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.jar (134 kB at 999 kB/s) Progress (2): 358 kB | 4.1/45 kB Progress (2): 358 kB | 8.2/45 kB Progress (3): 358 kB | 8.2/45 kB | 4.1/640 kB Progress (4): 358 kB | 8.2/45 kB | 4.1/640 kB | 4.1/121 kB Progress (4): 358 kB | 12/45 kB | 4.1/640 kB | 4.1/121 kB Progress (4): 358 kB | 12/45 kB | 4.1/640 kB | 8.2/121 kB Progress (4): 358 kB | 12/45 kB | 8.2/640 kB | 8.2/121 kB Progress (4): 358 kB | 12/45 kB | 12/640 kB | 8.2/121 kB Progress (4): 358 kB | 12/45 kB | 16/640 kB | 8.2/121 kB Progress (4): 358 kB | 12/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 16/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 20/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 25/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 29/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 33/45 kB | 16/640 kB | 12/121 kB Progress (4): 358 kB | 33/45 kB | 16/640 kB | 16/121 kB Progress (4): 358 kB | 33/45 kB | 20/640 kB | 16/121 kB Progress (4): 358 kB | 37/45 kB | 20/640 kB | 16/121 kB Progress (4): 358 kB | 37/45 kB | 20/640 kB | 20/121 kB Progress (4): 358 kB | 37/45 kB | 25/640 kB | 20/121 kB Progress (4): 358 kB | 37/45 kB | 29/640 kB | 20/121 kB Progress (4): 358 kB | 37/45 kB | 33/640 kB | 20/121 kB Progress (4): 358 kB | 37/45 kB | 33/640 kB | 25/121 kB Progress (4): 358 kB | 41/45 kB | 33/640 kB | 25/121 kB Progress (4): 358 kB | 45 kB | 33/640 kB | 25/121 kB Progress (4): 358 kB | 45 kB | 33/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 37/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 41/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 45/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 49/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 53/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 57/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 61/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 64/640 kB | 29/121 kB Progress (4): 358 kB | 45 kB | 64/640 kB | 33/121 kB Progress (4): 358 kB | 45 kB | 68/640 kB | 33/121 kB Progress (4): 358 kB | 45 kB | 72/640 kB | 33/121 kB Progress (4): 358 kB | 45 kB | 72/640 kB | 37/121 kB Progress (4): 358 kB | 45 kB | 76/640 kB | 37/121 kB Progress (4): 358 kB | 45 kB | 80/640 kB | 37/121 kB Progress (4): 358 kB | 45 kB | 84/640 kB | 37/121 kB Progress (4): 358 kB | 45 kB | 88/640 kB | 37/121 kB Progress (4): 358 kB | 45 kB | 88/640 kB | 41/121 kB Progress (4): 358 kB | 45 kB | 93/640 kB | 41/121 kB Progress (4): 358 kB | 45 kB | 93/640 kB | 45/121 kB Progress (4): 358 kB | 45 kB | 97/640 kB | 45/121 kB Progress (4): 358 kB | 45 kB | 97/640 kB | 49/121 kB Progress (4): 358 kB | 45 kB | 101/640 kB | 49/121 kB Progress (4): 358 kB | 45 kB | 105/640 kB | 49/121 kB Progress (4): 358 kB | 45 kB | 105/640 kB | 53/121 kB Progress (4): 358 kB | 45 kB | 109/640 kB | 53/121 kB Progress (4): 358 kB | 45 kB | 109/640 kB | 57/121 kB Progress (4): 358 kB | 45 kB | 113/640 kB | 57/121 kB Progress (4): 358 kB | 45 kB | 113/640 kB | 61/121 kB Progress (4): 358 kB | 45 kB | 113/640 kB | 66/121 kB Progress (4): 358 kB | 45 kB | 117/640 kB | 66/121 kB Progress (4): 358 kB | 45 kB | 117/640 kB | 70/121 kB Progress (4): 358 kB | 45 kB | 121/640 kB | 70/121 kB Progress (4): 358 kB | 45 kB | 121/640 kB | 74/121 kB Progress (4): 358 kB | 45 kB | 125/640 kB | 74/121 kB Progress (4): 358 kB | 45 kB | 125/640 kB | 78/121 kB Progress (4): 358 kB | 45 kB | 129/640 kB | 78/121 kB Progress (4): 358 kB | 45 kB | 129/640 kB | 82/121 kB Progress (4): 358 kB | 45 kB | 133/640 kB | 82/121 kB Progress (4): 358 kB | 45 kB | 133/640 kB | 86/121 kB Progress (4): 358 kB | 45 kB | 138/640 kB | 86/121 kB Progress (4): 358 kB | 45 kB | 138/640 kB | 90/121 kB Progress (4): 358 kB | 45 kB | 142/640 kB | 90/121 kB Progress (4): 358 kB | 45 kB | 142/640 kB | 94/121 kB Progress (4): 358 kB | 45 kB | 146/640 kB | 94/121 kB Progress (4): 358 kB | 45 kB | 146/640 kB | 98/121 kB Progress (4): 358 kB | 45 kB | 150/640 kB | 98/121 kB Progress (4): 358 kB | 45 kB | 150/640 kB | 102/121 kB Progress (4): 358 kB | 45 kB | 154/640 kB | 102/121 kB Progress (4): 358 kB | 45 kB | 154/640 kB | 106/121 kB Progress (4): 358 kB | 45 kB | 158/640 kB | 106/121 kB Progress (4): 358 kB | 45 kB | 158/640 kB | 111/121 kB Progress (4): 358 kB | 45 kB | 162/640 kB | 111/121 kB Progress (4): 358 kB | 45 kB | 162/640 kB | 115/121 kB Progress (4): 358 kB | 45 kB | 162/640 kB | 119/121 kB Progress (4): 358 kB | 45 kB | 162/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 166/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 170/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 174/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 179/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 183/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 187/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 191/640 kB | 121 kB Progress (4): 358 kB | 45 kB | 195/640 kB | 121 kB Downloaded from central: https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar (358 kB at 2.4 MB/s) Progress (3): 45 kB | 199/640 kB | 121 kB Progress (3): 45 kB | 203/640 kB | 121 kB Progress (3): 45 kB | 207/640 kB | 121 kB Progress (3): 45 kB | 211/640 kB | 121 kB Progress (3): 45 kB | 215/640 kB | 121 kB Progress (3): 45 kB | 219/640 kB | 121 kB Progress (3): 45 kB | 224/640 kB | 121 kB Progress (3): 45 kB | 228/640 kB | 121 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar (45 kB at 297 kB/s) Progress (2): 232/640 kB | 121 kB Progress (2): 236/640 kB | 121 kB Progress (2): 240/640 kB | 121 kB Progress (2): 244/640 kB | 121 kB Progress (2): 248/640 kB | 121 kB Progress (2): 252/640 kB | 121 kB Progress (2): 256/640 kB | 121 kB Progress (2): 260/640 kB | 121 kB Progress (2): 265/640 kB | 121 kB Progress (2): 269/640 kB | 121 kB Progress (2): 273/640 kB | 121 kB Progress (2): 277/640 kB | 121 kB Progress (2): 281/640 kB | 121 kB Progress (2): 285/640 kB | 121 kB Progress (2): 289/640 kB | 121 kB Progress (2): 293/640 kB | 121 kB Progress (2): 297/640 kB | 121 kB Progress (2): 301/640 kB | 121 kB Progress (2): 305/640 kB | 121 kB Progress (2): 310/640 kB | 121 kB Progress (2): 314/640 kB | 121 kB Progress (2): 318/640 kB | 121 kB Downloaded from central: https://repo.maven.apache.org/maven2/junit/junit/3.8.2/junit-3.8.2.jar (121 kB at 783 kB/s) Progress (1): 322/640 kB Progress (1): 326/640 kB Progress (1): 330/640 kB Progress (1): 334/640 kB Progress (1): 338/640 kB Progress (1): 342/640 kB Progress (1): 346/640 kB Progress (1): 351/640 kB Progress (1): 355/640 kB Progress (1): 359/640 kB Progress (1): 363/640 kB Progress (1): 367/640 kB Progress (1): 371/640 kB Progress (1): 375/640 kB Progress (1): 379/640 kB Progress (1): 383/640 kB Progress (1): 387/640 kB Progress (1): 392/640 kB Progress (1): 396/640 kB Progress (1): 400/640 kB Progress (1): 404/640 kB Progress (1): 408/640 kB Progress (1): 412/640 kB Progress (1): 416/640 kB Progress (1): 420/640 kB Progress (1): 424/640 kB Progress (1): 428/640 kB Progress (1): 432/640 kB Progress (1): 437/640 kB Progress (1): 441/640 kB Progress (1): 445/640 kB Progress (1): 449/640 kB Progress (1): 453/640 kB Progress (1): 457/640 kB Progress (1): 461/640 kB Progress (1): 465/640 kB Progress (1): 469/640 kB Progress (1): 473/640 kB Progress (1): 478/640 kB Progress (1): 482/640 kB Progress (1): 486/640 kB Progress (1): 490/640 kB Progress (1): 494/640 kB Progress (1): 498/640 kB Progress (1): 502/640 kB Progress (1): 506/640 kB Progress (1): 510/640 kB Progress (1): 514/640 kB Progress (1): 518/640 kB Progress (1): 523/640 kB Progress (1): 527/640 kB Progress (1): 531/640 kB Progress (1): 535/640 kB Progress (1): 539/640 kB Progress (1): 543/640 kB Progress (1): 547/640 kB Progress (1): 551/640 kB Progress (1): 555/640 kB Progress (1): 559/640 kB Progress (1): 564/640 kB Progress (1): 568/640 kB Progress (1): 572/640 kB Progress (1): 576/640 kB Progress (1): 580/640 kB Progress (1): 584/640 kB Progress (1): 588/640 kB Progress (1): 592/640 kB Progress (1): 596/640 kB Progress (1): 600/640 kB Progress (1): 605/640 kB Progress (1): 609/640 kB Progress (1): 613/640 kB Progress (1): 617/640 kB Progress (1): 621/640 kB Progress (1): 625/640 kB Progress (1): 629/640 kB Progress (1): 633/640 kB Progress (1): 637/640 kB Progress (1): 640 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/collections/google-collections/1.0/google-collections-1.0.jar (640 kB at 2.7 MB/s) [INFO] Changes detected - recompiling the module! [WARNING] File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent! [INFO] Compiling 1 source file to /work/target/classes [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ simple-java-project --- [WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent! [INFO] skip non existing resourceDirectory /work/src/test/resources [INFO] [INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @ simple-java-project --- [INFO] No sources to compile [INFO] [INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.pom Progress (1): 3.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.pom (3.0 kB at 190 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.pom (2.5 kB at 156 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.pom Progress (1): 4.1/5.5 kB Progress (1): 5.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.pom (5.5 kB at 325 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.pom Progress (1): 1.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.pom (1.6 kB at 102 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-tools/3.1/maven-plugin-tools-3.1.pom Progress (1): 4.1/16 kB Progress (1): 8.2/16 kB Progress (1): 12/16 kB Progress (1): 16 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-tools/3.1/maven-plugin-tools-3.1.pom (16 kB at 1.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.pom Progress (1): 1.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.pom (1.8 kB at 113 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.9/maven-reporting-2.0.9.pom Progress (1): 1.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting/2.0.9/maven-reporting-2.0.9.pom (1.5 kB at 92 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.pom Progress (1): 3.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.pom (3.5 kB at 217 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.pom Progress (1): 4.1/17 kB Progress (1): 8.2/17 kB Progress (1): 12/17 kB Progress (1): 16/17 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.pom (17 kB at 983 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/22/commons-parent-22.pom Progress (1): 4.1/42 kB Progress (1): 8.2/42 kB Progress (1): 12/42 kB Progress (1): 16/42 kB Progress (1): 20/42 kB Progress (1): 25/42 kB Progress (1): 29/42 kB Progress (1): 33/42 kB Progress (1): 37/42 kB Progress (1): 41/42 kB Progress (1): 42 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/22/commons-parent-22.pom (42 kB at 2.6 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/9/apache-9.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/9/apache-9.pom (15 kB at 948 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.pom (3.7 kB at 247 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/12/maven-shared-components-12.pom Progress (1): 4.1/9.3 kB Progress (1): 8.2/9.3 kB Progress (1): 9.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/12/maven-shared-components-12.pom (9.3 kB at 584 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/13/maven-parent-13.pom Progress (1): 4.1/23 kB Progress (1): 8.2/23 kB Progress (1): 12/23 kB Progress (1): 16/23 kB Progress (1): 20/23 kB Progress (1): 23 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/13/maven-parent-13.pom (23 kB at 1.3 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/6/apache-6.pom Progress (1): 4.1/13 kB Progress (1): 8.2/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/6/apache-6.pom (13 kB at 800 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9/plexus-container-default-1.0-alpha-9.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.0-alpha-9/plexus-container-default-1.0-alpha-9.pom (1.2 kB at 77 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.jar Progress (1): 4.1/263 kB Progress (1): 8.2/263 kB Progress (2): 8.2/263 kB | 4.1/35 kB Progress (3): 8.2/263 kB | 4.1/35 kB | 4.1/118 kB Progress (3): 12/263 kB | 4.1/35 kB | 4.1/118 kB Progress (3): 12/263 kB | 4.1/35 kB | 8.2/118 kB Progress (3): 12/263 kB | 8.2/35 kB | 8.2/118 kB Progress (3): 12/263 kB | 8.2/35 kB | 12/118 kB Progress (3): 16/263 kB | 8.2/35 kB | 12/118 kB Progress (3): 16/263 kB | 8.2/35 kB | 16/118 kB Progress (3): 16/263 kB | 12/35 kB | 16/118 kB Progress (4): 16/263 kB | 12/35 kB | 16/118 kB | 4.1/31 kB Progress (4): 20/263 kB | 12/35 kB | 16/118 kB | 4.1/31 kB Progress (4): 20/263 kB | 12/35 kB | 16/118 kB | 8.2/31 kB Progress (4): 20/263 kB | 16/35 kB | 16/118 kB | 8.2/31 kB Progress (4): 20/263 kB | 16/35 kB | 16/118 kB | 12/31 kB Progress (4): 25/263 kB | 16/35 kB | 16/118 kB | 12/31 kB Progress (4): 25/263 kB | 20/35 kB | 16/118 kB | 12/31 kB Progress (4): 25/263 kB | 20/35 kB | 16/118 kB | 16/31 kB Progress (4): 25/263 kB | 25/35 kB | 16/118 kB | 16/31 kB Progress (4): 29/263 kB | 25/35 kB | 16/118 kB | 16/31 kB Progress (4): 29/263 kB | 25/35 kB | 16/118 kB | 20/31 kB Progress (4): 29/263 kB | 29/35 kB | 16/118 kB | 20/31 kB Progress (4): 29/263 kB | 29/35 kB | 16/118 kB | 25/31 kB Progress (4): 33/263 kB | 29/35 kB | 16/118 kB | 25/31 kB Progress (4): 33/263 kB | 29/35 kB | 16/118 kB | 29/31 kB Progress (4): 33/263 kB | 33/35 kB | 16/118 kB | 29/31 kB Progress (4): 37/263 kB | 33/35 kB | 16/118 kB | 29/31 kB Progress (4): 37/263 kB | 33/35 kB | 16/118 kB | 31 kB Progress (4): 41/263 kB | 33/35 kB | 16/118 kB | 31 kB Progress (4): 41/263 kB | 35 kB | 16/118 kB | 31 kB Progress (4): 41/263 kB | 35 kB | 20/118 kB | 31 kB Progress (4): 45/263 kB | 35 kB | 20/118 kB | 31 kB Progress (5): 45/263 kB | 35 kB | 20/118 kB | 31 kB | 4.1/316 kB Progress (5): 45/263 kB | 35 kB | 25/118 kB | 31 kB | 4.1/316 kB Progress (5): 45/263 kB | 35 kB | 25/118 kB | 31 kB | 8.2/316 kB Progress (5): 49/263 kB | 35 kB | 25/118 kB | 31 kB | 8.2/316 kB Progress (5): 49/263 kB | 35 kB | 25/118 kB | 31 kB | 12/316 kB Progress (5): 49/263 kB | 35 kB | 29/118 kB | 31 kB | 12/316 kB Progress (5): 53/263 kB | 35 kB | 29/118 kB | 31 kB | 12/316 kB Progress (5): 53/263 kB | 35 kB | 29/118 kB | 31 kB | 16/316 kB Progress (5): 57/263 kB | 35 kB | 29/118 kB | 31 kB | 16/316 kB Progress (5): 57/263 kB | 35 kB | 33/118 kB | 31 kB | 16/316 kB Progress (5): 57/263 kB | 35 kB | 33/118 kB | 31 kB | 20/316 kB Progress (5): 61/263 kB | 35 kB | 33/118 kB | 31 kB | 20/316 kB Progress (5): 61/263 kB | 35 kB | 33/118 kB | 31 kB | 25/316 kB Progress (5): 61/263 kB | 35 kB | 37/118 kB | 31 kB | 25/316 kB Progress (5): 61/263 kB | 35 kB | 37/118 kB | 31 kB | 29/316 kB Progress (5): 66/263 kB | 35 kB | 37/118 kB | 31 kB | 29/316 kB Progress (5): 66/263 kB | 35 kB | 37/118 kB | 31 kB | 33/316 kB Progress (5): 66/263 kB | 35 kB | 41/118 kB | 31 kB | 33/316 kB Progress (5): 66/263 kB | 35 kB | 41/118 kB | 31 kB | 37/316 kB Progress (5): 70/263 kB | 35 kB | 41/118 kB | 31 kB | 37/316 kB Progress (5): 70/263 kB | 35 kB | 41/118 kB | 31 kB | 41/316 kB Progress (5): 70/263 kB | 35 kB | 45/118 kB | 31 kB | 41/316 kB Progress (5): 70/263 kB | 35 kB | 45/118 kB | 31 kB | 45/316 kB Progress (5): 74/263 kB | 35 kB | 45/118 kB | 31 kB | 45/316 kB Progress (5): 74/263 kB | 35 kB | 45/118 kB | 31 kB | 49/316 kB Progress (5): 74/263 kB | 35 kB | 49/118 kB | 31 kB | 49/316 kB Progress (5): 74/263 kB | 35 kB | 49/118 kB | 31 kB | 53/316 kB Progress (5): 78/263 kB | 35 kB | 49/118 kB | 31 kB | 53/316 kB Progress (5): 78/263 kB | 35 kB | 49/118 kB | 31 kB | 57/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 57/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 61/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 65/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 69/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 73/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 77/316 kB Progress (5): 82/263 kB | 35 kB | 49/118 kB | 31 kB | 81/316 kB Progress (5): 82/263 kB | 35 kB | 53/118 kB | 31 kB | 81/316 kB Progress (5): 86/263 kB | 35 kB | 53/118 kB | 31 kB | 81/316 kB Progress (5): 90/263 kB | 35 kB | 53/118 kB | 31 kB | 81/316 kB Progress (5): 94/263 kB | 35 kB | 53/118 kB | 31 kB | 81/316 kB Progress (5): 94/263 kB | 35 kB | 57/118 kB | 31 kB | 81/316 kB Progress (5): 94/263 kB | 35 kB | 57/118 kB | 31 kB | 85/316 kB Progress (5): 94/263 kB | 35 kB | 61/118 kB | 31 kB | 85/316 kB Progress (5): 98/263 kB | 35 kB | 61/118 kB | 31 kB | 85/316 kB Progress (5): 102/263 kB | 35 kB | 61/118 kB | 31 kB | 85/316 kB Progress (5): 106/263 kB | 35 kB | 61/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 61/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 66/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 70/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 74/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 78/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 82/118 kB | 31 kB | 85/316 kB Progress (5): 111/263 kB | 35 kB | 82/118 kB | 31 kB | 89/316 kB Progress (5): 115/263 kB | 35 kB | 82/118 kB | 31 kB | 89/316 kB Progress (5): 115/263 kB | 35 kB | 82/118 kB | 31 kB | 93/316 kB Progress (5): 119/263 kB | 35 kB | 82/118 kB | 31 kB | 93/316 kB Progress (5): 119/263 kB | 35 kB | 82/118 kB | 31 kB | 97/316 kB Progress (5): 123/263 kB | 35 kB | 82/118 kB | 31 kB | 97/316 kB Progress (5): 127/263 kB | 35 kB | 82/118 kB | 31 kB | 97/316 kB Progress (5): 127/263 kB | 35 kB | 86/118 kB | 31 kB | 97/316 kB Progress (5): 131/263 kB | 35 kB | 86/118 kB | 31 kB | 97/316 kB Progress (5): 131/263 kB | 35 kB | 86/118 kB | 31 kB | 101/316 kB Progress (5): 135/263 kB | 35 kB | 86/118 kB | 31 kB | 101/316 kB Progress (5): 139/263 kB | 35 kB | 86/118 kB | 31 kB | 101/316 kB Progress (5): 143/263 kB | 35 kB | 86/118 kB | 31 kB | 101/316 kB Progress (5): 143/263 kB | 35 kB | 90/118 kB | 31 kB | 101/316 kB Progress (5): 147/263 kB | 35 kB | 90/118 kB | 31 kB | 101/316 kB Progress (5): 152/263 kB | 35 kB | 90/118 kB | 31 kB | 101/316 kB Progress (5): 156/263 kB | 35 kB | 90/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 90/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 94/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 98/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 102/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 106/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 111/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 115/118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 118 kB | 31 kB | 101/316 kB Progress (5): 160/263 kB | 35 kB | 118 kB | 31 kB | 106/316 kB Progress (5): 164/263 kB | 35 kB | 118 kB | 31 kB | 106/316 kB Progress (5): 164/263 kB | 35 kB | 118 kB | 31 kB | 110/316 kB Progress (5): 168/263 kB | 35 kB | 118 kB | 31 kB | 110/316 kB Progress (5): 168/263 kB | 35 kB | 118 kB | 31 kB | 114/316 kB Progress (5): 172/263 kB | 35 kB | 118 kB | 31 kB | 114/316 kB Progress (5): 176/263 kB | 35 kB | 118 kB | 31 kB | 114/316 kB Progress (5): 176/263 kB | 35 kB | 118 kB | 31 kB | 118/316 kB Progress (5): 176/263 kB | 35 kB | 118 kB | 31 kB | 122/316 kB Progress (5): 180/263 kB | 35 kB | 118 kB | 31 kB | 122/316 kB Progress (5): 180/263 kB | 35 kB | 118 kB | 31 kB | 126/316 kB Progress (5): 184/263 kB | 35 kB | 118 kB | 31 kB | 126/316 kB Progress (5): 184/263 kB | 35 kB | 118 kB | 31 kB | 130/316 kB Progress (5): 188/263 kB | 35 kB | 118 kB | 31 kB | 130/316 kB Progress (5): 193/263 kB | 35 kB | 118 kB | 31 kB | 130/316 kB Progress (5): 193/263 kB | 35 kB | 118 kB | 31 kB | 134/316 kB Progress (5): 193/263 kB | 35 kB | 118 kB | 31 kB | 138/316 kB Progress (5): 197/263 kB | 35 kB | 118 kB | 31 kB | 138/316 kB Progress (5): 197/263 kB | 35 kB | 118 kB | 31 kB | 142/316 kB Progress (5): 201/263 kB | 35 kB | 118 kB | 31 kB | 142/316 kB Progress (5): 201/263 kB | 35 kB | 118 kB | 31 kB | 147/316 kB Progress (5): 205/263 kB | 35 kB | 118 kB | 31 kB | 147/316 kB Progress (5): 205/263 kB | 35 kB | 118 kB | 31 kB | 151/316 kB Progress (5): 209/263 kB | 35 kB | 118 kB | 31 kB | 151/316 kB Progress (5): 209/263 kB | 35 kB | 118 kB | 31 kB | 155/316 kB Progress (5): 209/263 kB | 35 kB | 118 kB | 31 kB | 159/316 kB Progress (5): 213/263 kB | 35 kB | 118 kB | 31 kB | 159/316 kB Progress (5): 213/263 kB | 35 kB | 118 kB | 31 kB | 163/316 kB Progress (5): 217/263 kB | 35 kB | 118 kB | 31 kB | 163/316 kB Progress (5): 217/263 kB | 35 kB | 118 kB | 31 kB | 167/316 kB Progress (5): 221/263 kB | 35 kB | 118 kB | 31 kB | 167/316 kB Progress (5): 221/263 kB | 35 kB | 118 kB | 31 kB | 171/316 kB Progress (5): 225/263 kB | 35 kB | 118 kB | 31 kB | 171/316 kB Progress (5): 225/263 kB | 35 kB | 118 kB | 31 kB | 175/316 kB Progress (5): 229/263 kB | 35 kB | 118 kB | 31 kB | 175/316 kB Progress (5): 229/263 kB | 35 kB | 118 kB | 31 kB | 179/316 kB Progress (5): 233/263 kB | 35 kB | 118 kB | 31 kB | 179/316 kB Progress (5): 233/263 kB | 35 kB | 118 kB | 31 kB | 183/316 kB Progress (5): 238/263 kB | 35 kB | 118 kB | 31 kB | 183/316 kB Progress (5): 238/263 kB | 35 kB | 118 kB | 31 kB | 187/316 kB Progress (5): 242/263 kB | 35 kB | 118 kB | 31 kB | 187/316 kB Progress (5): 242/263 kB | 35 kB | 118 kB | 31 kB | 192/316 kB Progress (5): 246/263 kB | 35 kB | 118 kB | 31 kB | 192/316 kB Progress (5): 246/263 kB | 35 kB | 118 kB | 31 kB | 196/316 kB Progress (5): 250/263 kB | 35 kB | 118 kB | 31 kB | 196/316 kB Progress (5): 250/263 kB | 35 kB | 118 kB | 31 kB | 200/316 kB Progress (5): 250/263 kB | 35 kB | 118 kB | 31 kB | 204/316 kB Progress (5): 254/263 kB | 35 kB | 118 kB | 31 kB | 204/316 kB Progress (5): 254/263 kB | 35 kB | 118 kB | 31 kB | 208/316 kB Progress (5): 258/263 kB | 35 kB | 118 kB | 31 kB | 208/316 kB Progress (5): 258/263 kB | 35 kB | 118 kB | 31 kB | 212/316 kB Progress (5): 262/263 kB | 35 kB | 118 kB | 31 kB | 212/316 kB Progress (5): 262/263 kB | 35 kB | 118 kB | 31 kB | 216/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 216/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 220/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 224/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 228/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 233/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 237/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 241/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 245/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 249/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 253/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 257/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 261/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 265/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 269/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 274/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 278/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 282/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 286/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 290/316 kB Progress (5): 263 kB | 35 kB | 118 kB | 31 kB | 294/316 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.jar (31 kB at 1.2 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar (35 kB at 1.3 MB/s) Progress (3): 263 kB | 118 kB | 298/316 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar (118 kB at 4.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.jar Progress (2): 263 kB | 302/316 kB Progress (2): 263 kB | 306/316 kB Progress (2): 263 kB | 310/316 kB Progress (2): 263 kB | 314/316 kB Progress (2): 263 kB | 316 kB Progress (3): 263 kB | 316 kB | 4.1/232 kB Progress (3): 263 kB | 316 kB | 8.2/232 kB Progress (4): 263 kB | 316 kB | 8.2/232 kB | 4.1/38 kB Progress (4): 263 kB | 316 kB | 12/232 kB | 4.1/38 kB Progress (4): 263 kB | 316 kB | 12/232 kB | 8.2/38 kB Progress (4): 263 kB | 316 kB | 16/232 kB | 8.2/38 kB Progress (4): 263 kB | 316 kB | 16/232 kB | 12/38 kB Progress (4): 263 kB | 316 kB | 16/232 kB | 16/38 kB Progress (5): 263 kB | 316 kB | 16/232 kB | 16/38 kB | 4.1/10 kB Progress (5): 263 kB | 316 kB | 20/232 kB | 16/38 kB | 4.1/10 kB Progress (5): 263 kB | 316 kB | 25/232 kB | 16/38 kB | 4.1/10 kB Progress (5): 263 kB | 316 kB | 25/232 kB | 16/38 kB | 8.2/10 kB Progress (5): 263 kB | 316 kB | 25/232 kB | 20/38 kB | 8.2/10 kB Progress (5): 263 kB | 316 kB | 29/232 kB | 20/38 kB | 8.2/10 kB Progress (5): 263 kB | 316 kB | 29/232 kB | 25/38 kB | 8.2/10 kB Progress (5): 263 kB | 316 kB | 29/232 kB | 25/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 29/232 kB | 29/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 33/232 kB | 29/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 33/232 kB | 33/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 37/232 kB | 33/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 41/232 kB | 33/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 45/232 kB | 33/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 49/232 kB | 33/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 49/232 kB | 37/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 53/232 kB | 37/38 kB | 10 kB Progress (5): 263 kB | 316 kB | 53/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 57/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 61/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 66/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 70/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 74/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 78/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 82/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 86/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 90/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 94/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 98/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 102/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 106/232 kB | 38 kB | 10 kB Progress (5): 263 kB | 316 kB | 111/232 kB | 38 kB | 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/reporting/maven-reporting-api/2.0.9/maven-reporting-api-2.0.9.jar (10 kB at 230 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar (263 kB at 5.8 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.jar Progress (3): 316 kB | 115/232 kB | 38 kB Progress (3): 316 kB | 119/232 kB | 38 kB Progress (3): 316 kB | 123/232 kB | 38 kB Progress (3): 316 kB | 127/232 kB | 38 kB Progress (3): 316 kB | 131/232 kB | 38 kB Progress (3): 316 kB | 135/232 kB | 38 kB Progress (3): 316 kB | 139/232 kB | 38 kB Progress (3): 316 kB | 143/232 kB | 38 kB Progress (3): 316 kB | 147/232 kB | 38 kB Progress (3): 316 kB | 152/232 kB | 38 kB Progress (3): 316 kB | 156/232 kB | 38 kB Progress (3): 316 kB | 160/232 kB | 38 kB Progress (3): 316 kB | 164/232 kB | 38 kB Progress (3): 316 kB | 168/232 kB | 38 kB Progress (3): 316 kB | 172/232 kB | 38 kB Progress (3): 316 kB | 176/232 kB | 38 kB Progress (3): 316 kB | 180/232 kB | 38 kB Progress (3): 316 kB | 184/232 kB | 38 kB Progress (3): 316 kB | 188/232 kB | 38 kB Progress (3): 316 kB | 193/232 kB | 38 kB Progress (3): 316 kB | 197/232 kB | 38 kB Progress (3): 316 kB | 201/232 kB | 38 kB Progress (3): 316 kB | 205/232 kB | 38 kB Progress (3): 316 kB | 209/232 kB | 38 kB Progress (3): 316 kB | 213/232 kB | 38 kB Progress (3): 316 kB | 217/232 kB | 38 kB Progress (3): 316 kB | 221/232 kB | 38 kB Progress (3): 316 kB | 225/232 kB | 38 kB Progress (3): 316 kB | 229/232 kB | 38 kB Progress (3): 316 kB | 232 kB | 38 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar (316 kB at 6.1 MB/s) Progress (3): 232 kB | 38 kB | 4.1/14 kB Progress (3): 232 kB | 38 kB | 8.2/14 kB Progress (3): 232 kB | 38 kB | 12/14 kB Progress (3): 232 kB | 38 kB | 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-toolchain/2.0.9/maven-toolchain-2.0.9.jar (38 kB at 716 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar (232 kB at 3.9 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/plugin-tools/maven-plugin-annotations/3.1/maven-plugin-annotations-3.1.jar (14 kB at 234 kB/s) [INFO] Tests are skipped. [INFO] [INFO] --- maven-jar-plugin:3.3.0:jar (default-jar) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.pom Progress (1): 4.1/4.5 kB Progress (1): 4.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.pom (4.5 kB at 280 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/36/maven-shared-components-36.pom Progress (1): 4.1/4.9 kB Progress (1): 4.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/36/maven-shared-components-36.pom (4.9 kB at 306 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/36/maven-parent-36.pom Progress (1): 4.1/45 kB Progress (1): 8.2/45 kB Progress (1): 12/45 kB Progress (1): 16/45 kB Progress (1): 20/45 kB Progress (1): 25/45 kB Progress (1): 29/45 kB Progress (1): 33/45 kB Progress (1): 37/45 kB Progress (1): 41/45 kB Progress (1): 45/45 kB Progress (1): 45 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/36/maven-parent-36.pom (45 kB at 623 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/26/apache-26.pom Progress (1): 4.1/21 kB Progress (1): 8.2/21 kB Progress (1): 12/21 kB Progress (1): 16/21 kB Progress (1): 20/21 kB Progress (1): 21 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/26/apache-26.pom (21 kB at 1.3 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.pom (2.7 kB at 161 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.36/slf4j-parent-1.7.36.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.36/slf4j-parent-1.7.36.pom (14 kB at 881 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.pom Progress (1): 4.1/5.2 kB Progress (1): 5.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.pom (5.2 kB at 324 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/5.1/plexus-5.1.pom Progress (1): 4.1/23 kB Progress (1): 8.2/23 kB Progress (1): 12/23 kB Progress (1): 16/23 kB Progress (1): 20/23 kB Progress (1): 23 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/5.1/plexus-5.1.pom (23 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.pom Progress (1): 4.1/20 kB Progress (1): 8.2/20 kB Progress (1): 12/20 kB Progress (1): 16/20 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.pom (20 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/52/commons-parent-52.pom Progress (1): 4.1/79 kB Progress (1): 8.2/79 kB Progress (1): 12/79 kB Progress (1): 16/79 kB Progress (1): 20/79 kB Progress (1): 25/79 kB Progress (1): 29/79 kB Progress (1): 33/79 kB Progress (1): 37/79 kB Progress (1): 41/79 kB Progress (1): 45/79 kB Progress (1): 49/79 kB Progress (1): 53/79 kB Progress (1): 57/79 kB Progress (1): 61/79 kB Progress (1): 66/79 kB Progress (1): 70/79 kB Progress (1): 74/79 kB Progress (1): 78/79 kB Progress (1): 79 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/52/commons-parent-52.pom (79 kB at 5.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/junit/junit-bom/5.7.2/junit-bom-5.7.2.pom Progress (1): 4.1/5.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/junit/junit-bom/5.7.2/junit-bom-5.7.2.pom (5.1 kB at 340 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.pom (3.9 kB at 261 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.pom Progress (1): 4.1/6.0 kB Progress (1): 6.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.pom (6.0 kB at 376 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/10/plexus-10.pom Progress (1): 4.1/25 kB Progress (1): 8.2/25 kB Progress (1): 12/25 kB Progress (1): 16/25 kB Progress (1): 20/25 kB Progress (1): 25/25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/10/plexus-10.pom (25 kB at 1.5 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.pom Progress (1): 612 B Downloaded from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.pom (612 B at 38 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.pom Progress (1): 4.1/6.3 kB Progress (1): 6.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.pom (6.3 kB at 202 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.pom Progress (1): 4.1/20 kB Progress (1): 8.2/20 kB Progress (1): 12/20 kB Progress (1): 16/20 kB Progress (1): 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.pom (20 kB at 1.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.pom (15 kB at 909 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.pom (2.0 kB at 136 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.pom (2.7 kB at 177 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.pom Progress (1): 4.1/8.2 kB Progress (1): 8.2/8.2 kB Progress (1): 8.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.pom (8.2 kB at 548 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/8/plexus-8.pom Progress (1): 4.1/25 kB Progress (1): 8.2/25 kB Progress (1): 12/25 kB Progress (1): 16/25 kB Progress (1): 20/25 kB Progress (1): 25/25 kB Progress (1): 25 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/8/plexus-8.pom (25 kB at 1.6 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.jar Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.jar Progress (1): 4.1/36 kB Progress (1): 8.2/36 kB Progress (1): 12/36 kB Progress (1): 16/36 kB Progress (2): 16/36 kB | 4.1/41 kB Progress (2): 16/36 kB | 8.2/41 kB Progress (2): 16/36 kB | 12/41 kB Progress (2): 16/36 kB | 16/41 kB Progress (2): 16/36 kB | 20/41 kB Progress (2): 16/36 kB | 25/41 kB Progress (2): 20/36 kB | 25/41 kB Progress (2): 20/36 kB | 29/41 kB Progress (2): 20/36 kB | 33/41 kB Progress (2): 25/36 kB | 33/41 kB Progress (2): 29/36 kB | 33/41 kB Progress (2): 29/36 kB | 37/41 kB Progress (2): 29/36 kB | 41/41 kB Progress (2): 29/36 kB | 41 kB Progress (2): 33/36 kB | 41 kB Progress (3): 33/36 kB | 41 kB | 4.1/327 kB Progress (3): 33/36 kB | 41 kB | 8.2/327 kB Progress (3): 33/36 kB | 41 kB | 12/327 kB Progress (3): 33/36 kB | 41 kB | 16/327 kB Progress (4): 33/36 kB | 41 kB | 16/327 kB | 4.1/79 kB Progress (4): 33/36 kB | 41 kB | 20/327 kB | 4.1/79 kB Progress (4): 36 kB | 41 kB | 20/327 kB | 4.1/79 kB Progress (4): 36 kB | 41 kB | 25/327 kB | 4.1/79 kB Progress (4): 36 kB | 41 kB | 25/327 kB | 8.2/79 kB Progress (4): 36 kB | 41 kB | 29/327 kB | 8.2/79 kB Progress (4): 36 kB | 41 kB | 29/327 kB | 12/79 kB Progress (4): 36 kB | 41 kB | 33/327 kB | 12/79 kB Progress (4): 36 kB | 41 kB | 33/327 kB | 16/79 kB Progress (4): 36 kB | 41 kB | 37/327 kB | 16/79 kB Progress (4): 36 kB | 41 kB | 41/327 kB | 16/79 kB Progress (4): 36 kB | 41 kB | 45/327 kB | 16/79 kB Progress (5): 36 kB | 41 kB | 45/327 kB | 16/79 kB | 4.1/26 kB Progress (5): 36 kB | 41 kB | 45/327 kB | 20/79 kB | 4.1/26 kB Progress (5): 36 kB | 41 kB | 45/327 kB | 20/79 kB | 8.2/26 kB Progress (5): 36 kB | 41 kB | 49/327 kB | 20/79 kB | 8.2/26 kB Progress (5): 36 kB | 41 kB | 49/327 kB | 20/79 kB | 12/26 kB Progress (5): 36 kB | 41 kB | 49/327 kB | 20/79 kB | 16/26 kB Progress (5): 36 kB | 41 kB | 49/327 kB | 25/79 kB | 16/26 kB Progress (5): 36 kB | 41 kB | 49/327 kB | 25/79 kB | 20/26 kB Progress (5): 36 kB | 41 kB | 53/327 kB | 25/79 kB | 20/26 kB Progress (5): 36 kB | 41 kB | 53/327 kB | 25/79 kB | 25/26 kB Progress (5): 36 kB | 41 kB | 53/327 kB | 29/79 kB | 25/26 kB Progress (5): 36 kB | 41 kB | 53/327 kB | 29/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 57/327 kB | 29/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 57/327 kB | 33/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 61/327 kB | 33/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 61/327 kB | 37/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 66/327 kB | 37/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 66/327 kB | 41/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 70/327 kB | 41/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 70/327 kB | 45/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 74/327 kB | 45/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 74/327 kB | 49/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 78/327 kB | 49/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 78/327 kB | 53/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 82/327 kB | 53/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 82/327 kB | 57/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 86/327 kB | 57/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 86/327 kB | 61/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 90/327 kB | 61/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 90/327 kB | 66/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 94/327 kB | 66/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 94/327 kB | 70/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 94/327 kB | 74/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 98/327 kB | 74/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 98/327 kB | 78/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 102/327 kB | 78/79 kB | 26 kB Progress (5): 36 kB | 41 kB | 102/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 106/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 111/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 115/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 119/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 123/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 127/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 131/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 135/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 139/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 143/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 147/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 152/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 156/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 160/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 164/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 168/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 172/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 176/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 180/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 184/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 188/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 193/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 197/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 201/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 205/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 209/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 213/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 217/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 221/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 225/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 229/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 233/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 238/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 242/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 246/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 250/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 254/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 258/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 262/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 266/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 270/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 274/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 279/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 283/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 287/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 291/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 295/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 299/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 303/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 307/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 311/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 315/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 319/327 kB | 79 kB | 26 kB Progress (5): 36 kB | 41 kB | 324/327 kB | 79 kB | 26 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar (41 kB at 2.4 MB/s) Progress (4): 36 kB | 327 kB | 79 kB | 26 kB Downloading from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/file-management/3.1.0/file-management-3.1.0.jar (36 kB at 2.0 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.jar Progress (4): 327 kB | 79 kB | 26 kB | 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-io/3.4.0/plexus-io-3.4.0.jar (79 kB at 3.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-archiver/3.6.0/maven-archiver-3.6.0.jar (26 kB at 972 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.jar Progress (3): 327 kB | 2.5 kB | 4.1/211 kB Progress (3): 327 kB | 2.5 kB | 8.2/211 kB Progress (3): 327 kB | 2.5 kB | 12/211 kB Progress (3): 327 kB | 2.5 kB | 16/211 kB Progress (3): 327 kB | 2.5 kB | 20/211 kB Progress (3): 327 kB | 2.5 kB | 25/211 kB Progress (3): 327 kB | 2.5 kB | 29/211 kB Progress (3): 327 kB | 2.5 kB | 33/211 kB Progress (3): 327 kB | 2.5 kB | 37/211 kB Progress (3): 327 kB | 2.5 kB | 41/211 kB Progress (3): 327 kB | 2.5 kB | 45/211 kB Progress (3): 327 kB | 2.5 kB | 49/211 kB Progress (3): 327 kB | 2.5 kB | 53/211 kB Progress (3): 327 kB | 2.5 kB | 57/211 kB Progress (3): 327 kB | 2.5 kB | 61/211 kB Progress (3): 327 kB | 2.5 kB | 66/211 kB Progress (3): 327 kB | 2.5 kB | 70/211 kB Progress (3): 327 kB | 2.5 kB | 74/211 kB Progress (3): 327 kB | 2.5 kB | 78/211 kB Progress (3): 327 kB | 2.5 kB | 82/211 kB Progress (3): 327 kB | 2.5 kB | 86/211 kB Progress (3): 327 kB | 2.5 kB | 90/211 kB Progress (3): 327 kB | 2.5 kB | 94/211 kB Progress (3): 327 kB | 2.5 kB | 98/211 kB Progress (3): 327 kB | 2.5 kB | 102/211 kB Progress (3): 327 kB | 2.5 kB | 106/211 kB Progress (3): 327 kB | 2.5 kB | 111/211 kB Progress (3): 327 kB | 2.5 kB | 115/211 kB Progress (3): 327 kB | 2.5 kB | 119/211 kB Progress (3): 327 kB | 2.5 kB | 123/211 kB Progress (3): 327 kB | 2.5 kB | 127/211 kB Progress (3): 327 kB | 2.5 kB | 131/211 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar (327 kB at 11 MB/s) Progress (2): 2.5 kB | 135/211 kB Downloading from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.jar Progress (2): 2.5 kB | 139/211 kB Progress (2): 2.5 kB | 143/211 kB Progress (2): 2.5 kB | 147/211 kB Progress (2): 2.5 kB | 152/211 kB Progress (2): 2.5 kB | 156/211 kB Progress (2): 2.5 kB | 160/211 kB Progress (2): 2.5 kB | 164/211 kB Progress (2): 2.5 kB | 168/211 kB Progress (2): 2.5 kB | 172/211 kB Progress (2): 2.5 kB | 176/211 kB Progress (2): 2.5 kB | 180/211 kB Progress (2): 2.5 kB | 184/211 kB Progress (2): 2.5 kB | 188/211 kB Progress (2): 2.5 kB | 193/211 kB Progress (2): 2.5 kB | 197/211 kB Progress (2): 2.5 kB | 201/211 kB Progress (2): 2.5 kB | 205/211 kB Progress (2): 2.5 kB | 209/211 kB Progress (2): 2.5 kB | 211 kB Downloaded from central: https://repo.maven.apache.org/maven2/javax/inject/javax.inject/1/javax.inject-1.jar (2.5 kB at 78 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.jar Progress (2): 211 kB | 0/1.0 MB Progress (2): 211 kB | 0/1.0 MB Progress (3): 211 kB | 0/1.0 MB | 4.1/58 kB Progress (3): 211 kB | 0/1.0 MB | 4.1/58 kB Progress (3): 211 kB | 0/1.0 MB | 8.2/58 kB Progress (3): 211 kB | 0/1.0 MB | 8.2/58 kB Progress (3): 211 kB | 0/1.0 MB | 12/58 kB Progress (3): 211 kB | 0/1.0 MB | 12/58 kB Progress (3): 211 kB | 0/1.0 MB | 16/58 kB Progress (3): 211 kB | 0/1.0 MB | 16/58 kB Progress (3): 211 kB | 0/1.0 MB | 20/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 20/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 25/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 25/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 29/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 29/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 33/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 33/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 33/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 37/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 37/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 41/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 45/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 45/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 49/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 49/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 49/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 49/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 53/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 57/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 57/58 kB Progress (3): 211 kB | 0.1/1.0 MB | 58 kB Progress (3): 211 kB | 0.1/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.2/1.0 MB | 58 kB Progress (3): 211 kB | 0.3/1.0 MB | 58 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 4.1/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 8.2/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 12/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 16/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 20/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 25/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 29/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 33/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 37/116 kB Progress (4): 211 kB | 0.3/1.0 MB | 58 kB | 41/116 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 41/116 kB | 4.1/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 45/116 kB | 4.1/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 45/116 kB | 8.2/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 49/116 kB | 8.2/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 49/116 kB | 12/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 53/116 kB | 12/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 53/116 kB | 16/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 16/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 16/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 20/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 25/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 29/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 33/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 37/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 57/116 kB | 41/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 41/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 45/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 49/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 53/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 57/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 61/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 66/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 70/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 74/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 78/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 82/85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 61/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 66/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 66/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 70/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 74/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 78/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 82/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 86/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 90/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 90/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 94/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 98/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 98/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 102/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 102/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 106/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 111/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 111/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 115/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 115/116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.3/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.4/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.5/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.6/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.6/1.0 MB | 58 kB | 116 kB | 85 kB Progress (5): 211 kB | 0.6/1.0 MB | 58 kB | 116 kB | 85 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/iq80/snappy/snappy/0.4/snappy-0.4.jar (58 kB at 1.2 MB/s) Progress (4): 211 kB | 0.6/1.0 MB | 116 kB | 85 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-archiver/4.4.0/plexus-archiver-4.4.0.jar (211 kB at 4.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.jar Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.6/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.7/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.8/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 0.9/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0/1.0 MB | 116 kB | 85 kB Progress (3): 1.0 MB | 116 kB | 85 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 4.1/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 8.2/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 12/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 16/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 20/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 25/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 29/267 kB Progress (4): 1.0 MB | 116 kB | 85 kB | 33/267 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.26/plexus-interpolation-1.26.jar (85 kB at 1.5 MB/s) Progress (3): 1.0 MB | 116 kB | 37/267 kB Progress (3): 1.0 MB | 116 kB | 41/267 kB Progress (3): 1.0 MB | 116 kB | 45/267 kB Progress (3): 1.0 MB | 116 kB | 49/267 kB Progress (3): 1.0 MB | 116 kB | 53/267 kB Progress (3): 1.0 MB | 116 kB | 57/267 kB Progress (3): 1.0 MB | 116 kB | 61/267 kB Progress (3): 1.0 MB | 116 kB | 65/267 kB Progress (3): 1.0 MB | 116 kB | 70/267 kB Progress (3): 1.0 MB | 116 kB | 74/267 kB Progress (3): 1.0 MB | 116 kB | 78/267 kB Progress (3): 1.0 MB | 116 kB | 82/267 kB Progress (3): 1.0 MB | 116 kB | 86/267 kB Progress (3): 1.0 MB | 116 kB | 90/267 kB Progress (3): 1.0 MB | 116 kB | 94/267 kB Progress (3): 1.0 MB | 116 kB | 98/267 kB Progress (3): 1.0 MB | 116 kB | 102/267 kB Progress (3): 1.0 MB | 116 kB | 106/267 kB Progress (3): 1.0 MB | 116 kB | 111/267 kB Progress (3): 1.0 MB | 116 kB | 115/267 kB Progress (3): 1.0 MB | 116 kB | 119/267 kB Progress (3): 1.0 MB | 116 kB | 123/267 kB Progress (3): 1.0 MB | 116 kB | 127/267 kB Progress (3): 1.0 MB | 116 kB | 131/267 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/tukaani/xz/1.9/xz-1.9.jar (116 kB at 2.0 MB/s) Progress (2): 1.0 MB | 135/267 kB Progress (2): 1.0 MB | 139/267 kB Progress (2): 1.0 MB | 143/267 kB Progress (2): 1.0 MB | 147/267 kB Progress (2): 1.0 MB | 152/267 kB Progress (2): 1.0 MB | 156/267 kB Progress (2): 1.0 MB | 160/267 kB Progress (2): 1.0 MB | 164/267 kB Progress (2): 1.0 MB | 168/267 kB Progress (2): 1.0 MB | 172/267 kB Progress (2): 1.0 MB | 176/267 kB Progress (2): 1.0 MB | 180/267 kB Progress (2): 1.0 MB | 184/267 kB Progress (2): 1.0 MB | 188/267 kB Progress (2): 1.0 MB | 192/267 kB Progress (2): 1.0 MB | 197/267 kB Progress (2): 1.0 MB | 201/267 kB Progress (2): 1.0 MB | 205/267 kB Progress (2): 1.0 MB | 209/267 kB Progress (2): 1.0 MB | 213/267 kB Progress (2): 1.0 MB | 217/267 kB Progress (2): 1.0 MB | 221/267 kB Progress (2): 1.0 MB | 225/267 kB Progress (2): 1.0 MB | 229/267 kB Progress (2): 1.0 MB | 233/267 kB Progress (2): 1.0 MB | 238/267 kB Progress (2): 1.0 MB | 242/267 kB Progress (2): 1.0 MB | 246/267 kB Progress (2): 1.0 MB | 250/267 kB Progress (2): 1.0 MB | 254/267 kB Progress (2): 1.0 MB | 258/267 kB Progress (2): 1.0 MB | 262/267 kB Progress (2): 1.0 MB | 266/267 kB Progress (2): 1.0 MB | 267 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.4.2/plexus-utils-3.4.2.jar (267 kB at 3.1 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar (1.0 MB at 11 MB/s) [INFO] Building jar: /work/target/hacbs-test.jar [INFO] [INFO] --- maven-shade-plugin:3.2.4:shade (default) @ simple-java-project --- Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.pom (2.3 kB at 143 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/3.0/maven-3.0.pom Progress (1): 4.1/22 kB Progress (1): 8.2/22 kB Progress (1): 12/22 kB Progress (1): 16/22 kB Progress (1): 20/22 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/3.0/maven-3.0.pom (22 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/15/maven-parent-15.pom Progress (1): 4.1/24 kB Progress (1): 8.2/24 kB Progress (1): 12/24 kB Progress (1): 16/24 kB Progress (1): 20/24 kB Progress (1): 24 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/15/maven-parent-15.pom (24 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.pom Progress (1): 3.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.pom (3.9 kB at 100 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.pom Progress (1): 3.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.pom (3.3 kB at 222 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.pom (1.9 kB at 120 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.pom Progress (1): 4.1/5.4 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.pom (5.4 kB at 336 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-plexus/1.4.2/guice-plexus-1.4.2.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-plexus/1.4.2/guice-plexus-1.4.2.pom (3.1 kB at 209 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-bean/1.4.2/guice-bean-1.4.2.pom Progress (1): 2.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/inject/guice-bean/1.4.2/guice-bean-1.4.2.pom (2.6 kB at 163 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject/1.4.2/sisu-inject-1.4.2.pom Progress (1): 1.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject/1.4.2/sisu-inject-1.4.2.pom (1.2 kB at 78 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-parent/1.4.2/sisu-parent-1.4.2.pom Progress (1): 4.1/7.8 kB Progress (1): 7.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-parent/1.4.2/sisu-parent-1.4.2.pom (7.8 kB at 486 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/6/forge-parent-6.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/forge/forge-parent/6/forge-parent-6.pom (11 kB at 672 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.pom Progress (1): 750 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.pom (750 B at 50 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/2.0.0/plexus-containers-2.0.0.pom Progress (1): 4.1/4.8 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-containers/2.0.0/plexus-containers-2.0.0.pom (4.8 kB at 320 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.pom Progress (1): 4.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.pom (4.0 kB at 250 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.pom Progress (1): 4.1/5.5 kB Progress (1): 5.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.pom (5.5 kB at 364 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7.pom (11 kB at 737 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.pom Progress (1): 4.1/6.6 kB Progress (1): 6.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.pom (6.6 kB at 442 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.pom (1.9 kB at 125 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.pom (2.2 kB at 139 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.pom Progress (1): 910 B Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.pom (910 B at 61 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.18/plexus-components-1.1.18.pom Progress (1): 4.1/5.4 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-components/1.1.18/plexus-components-1.1.18.pom (5.4 kB at 357 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.pom Progress (1): 1.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.pom (1.9 kB at 129 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.pom Progress (1): 2.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.pom (2.2 kB at 47 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.pom Progress (1): 2.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.pom (2.5 kB at 165 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.pom (1.7 kB at 112 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-parent/1.7/aether-parent-1.7.pom Progress (1): 4.1/7.7 kB Progress (1): 7.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-parent/1.7/aether-parent-1.7.pom (7.7 kB at 515 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.pom (2.1 kB at 137 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.pom (3.7 kB at 246 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.pom Progress (1): 1.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.pom (1.7 kB at 116 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.pom (11 kB at 750 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/33/maven-shared-components-33.pom Progress (1): 4.1/5.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/33/maven-shared-components-33.pom (5.1 kB at 93 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/33/maven-parent-33.pom Progress (1): 4.1/44 kB Progress (1): 8.2/44 kB Progress (1): 12/44 kB Progress (1): 16/44 kB Progress (1): 20/44 kB Progress (1): 24/44 kB Progress (1): 28/44 kB Progress (1): 32/44 kB Progress (1): 36/44 kB Progress (1): 40/44 kB Progress (1): 44 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/33/maven-parent-33.pom (44 kB at 2.8 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/21/apache-21.pom Progress (1): 4.1/17 kB Progress (1): 8.2/17 kB Progress (1): 12/17 kB Progress (1): 16/17 kB Progress (1): 17 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/21/apache-21.pom (17 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.pom Progress (1): 4.1/4.8 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.pom (4.8 kB at 322 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/30/maven-shared-components-30.pom Progress (1): 4.1/4.6 kB Progress (1): 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-components/30/maven-shared-components-30.pom (4.6 kB at 286 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/30/maven-parent-30.pom Progress (1): 4.1/41 kB Progress (1): 8.2/41 kB Progress (1): 12/41 kB Progress (1): 16/41 kB Progress (1): 20/41 kB Progress (1): 25/41 kB Progress (1): 29/41 kB Progress (1): 33/41 kB Progress (1): 37/41 kB Progress (1): 41/41 kB Progress (1): 41 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/30/maven-parent-30.pom (41 kB at 2.6 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/18/apache-18.pom Progress (1): 4.1/16 kB Progress (1): 8.2/16 kB Progress (1): 12/16 kB Progress (1): 16 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/18/apache-18.pom (16 kB at 979 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.pom Progress (1): 4.1/5.0 kB Progress (1): 5.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.pom (5.0 kB at 98 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.5/commons-io-2.5.pom Progress (1): 4.1/13 kB Progress (1): 8.2/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.5/commons-io-2.5.pom (13 kB at 831 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/39/commons-parent-39.pom Progress (1): 4.1/62 kB Progress (1): 8.2/62 kB Progress (1): 12/62 kB Progress (1): 16/62 kB Progress (1): 20/62 kB Progress (1): 24/62 kB Progress (1): 28/62 kB Progress (1): 32/62 kB Progress (1): 36/62 kB Progress (1): 40/62 kB Progress (1): 44/62 kB Progress (1): 49/62 kB Progress (1): 53/62 kB Progress (1): 57/62 kB Progress (1): 61/62 kB Progress (1): 62 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/39/commons-parent-39.pom (62 kB at 3.6 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/16/apache-16.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/16/apache-16.pom (15 kB at 962 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.1.1/plexus-utils-3.1.1.pom Progress (1): 4.1/5.1 kB Progress (1): 5.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.1.1/plexus-utils-3.1.1.pom (5.1 kB at 338 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/4.0/plexus-4.0.pom Progress (1): 4.1/22 kB Progress (1): 8.2/22 kB Progress (1): 12/22 kB Progress (1): 16/22 kB Progress (1): 20/22 kB Progress (1): 22 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus/4.0/plexus-4.0.pom (22 kB at 1.3 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.pom (14 kB at 873 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/42/commons-parent-42.pom Progress (1): 4.1/68 kB Progress (1): 8.2/68 kB Progress (1): 12/68 kB Progress (1): 16/68 kB Progress (1): 20/68 kB Progress (1): 25/68 kB Progress (1): 29/68 kB Progress (1): 33/68 kB Progress (1): 37/68 kB Progress (1): 41/68 kB Progress (1): 45/68 kB Progress (1): 49/68 kB Progress (1): 53/68 kB Progress (1): 57/68 kB Progress (1): 61/68 kB Progress (1): 66/68 kB Progress (1): 68 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-parent/42/commons-parent-42.pom (68 kB at 4.2 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.pom (2.7 kB at 179 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.5/slf4j-parent-1.7.5.pom Progress (1): 4.1/12 kB Progress (1): 8.2/12 kB Progress (1): 12 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-parent/1.7.5/slf4j-parent-1.7.5.pom (12 kB at 787 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.pom Progress (1): 2.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.pom (2.9 kB at 196 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/ow2/1.5/ow2-1.5.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/ow2/1.5/ow2-1.5.pom (11 kB at 702 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.pom (3.7 kB at 229 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.pom Progress (1): 3.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.pom (3.1 kB at 209 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.pom Progress (1): 3.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.pom (3.2 kB at 211 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.pom Progress (1): 4.1/4.6 kB Progress (1): 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.pom (4.6 kB at 109 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.pom Progress (1): 4.1/7.5 kB Progress (1): 7.5 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.pom (7.5 kB at 500 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.pom Progress (1): 2.0 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.pom (2.0 kB at 127 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether/0.9.0.M2/aether-0.9.0.M2.pom Progress (1): 4.1/28 kB Progress (1): 8.2/28 kB Progress (1): 12/28 kB Progress (1): 16/28 kB Progress (1): 20/28 kB Progress (1): 25/28 kB Progress (1): 28 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether/0.9.0.M2/aether-0.9.0.M2.pom (28 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.pom Progress (1): 4.1/14 kB Progress (1): 8.2/14 kB Progress (1): 12/14 kB Progress (1): 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.pom (14 kB at 891 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.pom Progress (1): 4.1/15 kB Progress (1): 8.2/15 kB Progress (1): 12/15 kB Progress (1): 15 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.pom (15 kB at 942 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.pom Progress (1): 3.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.pom (3.7 kB at 228 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.pom Progress (1): 4.1/11 kB Progress (1): 8.2/11 kB Progress (1): 11 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.pom (11 kB at 729 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/28.2-android/guava-parent-28.2-android.pom Progress (1): 4.1/13 kB Progress (1): 8.2/13 kB Progress (1): 12/13 kB Progress (1): 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/28.2-android/guava-parent-28.2-android.pom (13 kB at 516 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.pom Progress (1): 2.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.pom (2.4 kB at 161 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/26.0-android/guava-parent-26.0-android.pom Progress (1): 4.1/10 kB Progress (1): 8.2/10 kB Progress (1): 10 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava-parent/26.0-android/guava-parent-26.0-android.pom (10 kB at 679 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/9/oss-parent-9.pom Progress (1): 4.1/6.6 kB Progress (1): 6.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/9/oss-parent-9.pom (6.6 kB at 438 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.pom Progress (1): 2.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.pom (2.3 kB at 152 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.pom Progress (1): 4.1/4.3 kB Progress (1): 4.3 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.pom (4.3 kB at 286 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/7/oss-parent-7.pom Progress (1): 4.1/4.8 kB Progress (1): 4.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/oss/oss-parent/7/oss-parent-7.pom (4.8 kB at 322 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.pom Progress (1): 2.7 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.pom (2.7 kB at 183 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.pom Progress (1): 2.1 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.pom (2.1 kB at 141 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_parent/2.3.4/error_prone_parent-2.3.4.pom Progress (1): 4.1/5.4 kB Progress (1): 5.4 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_parent/2.3.4/error_prone_parent-2.3.4.pom (5.4 kB at 362 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.pom Progress (1): 2.8 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.pom (2.8 kB at 184 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.pom Progress (1): 4.1/28 kB Progress (1): 8.2/28 kB Progress (1): 12/28 kB Progress (1): 16/28 kB Progress (1): 20/28 kB Progress (1): 25/28 kB Progress (1): 28 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.pom (28 kB at 1.7 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.jar Progress (1): 4.1/49 kB Progress (1): 8.2/49 kB Progress (1): 12/49 kB Progress (1): 16/49 kB Progress (1): 20/49 kB Progress (1): 25/49 kB Progress (1): 29/49 kB Progress (1): 33/49 kB Progress (2): 33/49 kB | 4.1/472 kB Progress (2): 37/49 kB | 4.1/472 kB Progress (2): 41/49 kB | 4.1/472 kB Progress (2): 41/49 kB | 8.2/472 kB Progress (2): 45/49 kB | 8.2/472 kB Progress (2): 45/49 kB | 12/472 kB Progress (3): 45/49 kB | 12/472 kB | 4.1/165 kB Progress (4): 45/49 kB | 12/472 kB | 4.1/165 kB | 4.1/153 kB Progress (4): 45/49 kB | 12/472 kB | 8.2/165 kB | 4.1/153 kB Progress (4): 45/49 kB | 16/472 kB | 8.2/165 kB | 4.1/153 kB Progress (4): 49 kB | 16/472 kB | 8.2/165 kB | 4.1/153 kB Progress (4): 49 kB | 16/472 kB | 12/165 kB | 4.1/153 kB Progress (4): 49 kB | 16/472 kB | 16/165 kB | 4.1/153 kB Progress (4): 49 kB | 16/472 kB | 16/165 kB | 8.2/153 kB Progress (4): 49 kB | 16/472 kB | 20/165 kB | 8.2/153 kB Progress (4): 49 kB | 20/472 kB | 20/165 kB | 8.2/153 kB Progress (4): 49 kB | 20/472 kB | 25/165 kB | 8.2/153 kB Progress (4): 49 kB | 20/472 kB | 25/165 kB | 12/153 kB Progress (4): 49 kB | 20/472 kB | 29/165 kB | 12/153 kB Progress (4): 49 kB | 25/472 kB | 29/165 kB | 12/153 kB Progress (4): 49 kB | 29/472 kB | 29/165 kB | 12/153 kB Progress (5): 49 kB | 29/472 kB | 29/165 kB | 12/153 kB | 4.1/202 kB Progress (5): 49 kB | 33/472 kB | 29/165 kB | 12/153 kB | 4.1/202 kB Progress (5): 49 kB | 33/472 kB | 33/165 kB | 12/153 kB | 4.1/202 kB Progress (5): 49 kB | 33/472 kB | 33/165 kB | 16/153 kB | 4.1/202 kB Progress (5): 49 kB | 33/472 kB | 37/165 kB | 16/153 kB | 4.1/202 kB Progress (5): 49 kB | 33/472 kB | 41/165 kB | 16/153 kB | 4.1/202 kB Progress (5): 49 kB | 37/472 kB | 41/165 kB | 16/153 kB | 4.1/202 kB Progress (5): 49 kB | 37/472 kB | 41/165 kB | 16/153 kB | 8.2/202 kB Progress (5): 49 kB | 41/472 kB | 41/165 kB | 16/153 kB | 8.2/202 kB Progress (5): 49 kB | 41/472 kB | 45/165 kB | 16/153 kB | 8.2/202 kB Progress (5): 49 kB | 41/472 kB | 45/165 kB | 20/153 kB | 8.2/202 kB Progress (5): 49 kB | 41/472 kB | 49/165 kB | 20/153 kB | 8.2/202 kB Progress (5): 49 kB | 45/472 kB | 49/165 kB | 20/153 kB | 8.2/202 kB Progress (5): 49 kB | 45/472 kB | 49/165 kB | 20/153 kB | 12/202 kB Progress (5): 49 kB | 49/472 kB | 49/165 kB | 20/153 kB | 12/202 kB Progress (5): 49 kB | 49/472 kB | 53/165 kB | 20/153 kB | 12/202 kB Progress (5): 49 kB | 53/472 kB | 53/165 kB | 20/153 kB | 12/202 kB Progress (5): 49 kB | 53/472 kB | 53/165 kB | 25/153 kB | 12/202 kB Progress (5): 49 kB | 57/472 kB | 53/165 kB | 25/153 kB | 12/202 kB Progress (5): 49 kB | 57/472 kB | 57/165 kB | 25/153 kB | 12/202 kB Progress (5): 49 kB | 57/472 kB | 57/165 kB | 25/153 kB | 16/202 kB Progress (5): 49 kB | 57/472 kB | 61/165 kB | 25/153 kB | 16/202 kB Progress (5): 49 kB | 61/472 kB | 61/165 kB | 25/153 kB | 16/202 kB Progress (5): 49 kB | 61/472 kB | 66/165 kB | 25/153 kB | 16/202 kB Progress (5): 49 kB | 61/472 kB | 66/165 kB | 29/153 kB | 16/202 kB Progress (5): 49 kB | 61/472 kB | 70/165 kB | 29/153 kB | 16/202 kB Progress (5): 49 kB | 65/472 kB | 70/165 kB | 29/153 kB | 16/202 kB Progress (5): 49 kB | 65/472 kB | 70/165 kB | 29/153 kB | 20/202 kB Progress (5): 49 kB | 65/472 kB | 74/165 kB | 29/153 kB | 20/202 kB Progress (5): 49 kB | 65/472 kB | 74/165 kB | 33/153 kB | 20/202 kB Progress (5): 49 kB | 65/472 kB | 78/165 kB | 33/153 kB | 20/202 kB Progress (5): 49 kB | 65/472 kB | 78/165 kB | 33/153 kB | 25/202 kB Progress (5): 49 kB | 65/472 kB | 82/165 kB | 33/153 kB | 25/202 kB Progress (5): 49 kB | 69/472 kB | 82/165 kB | 33/153 kB | 25/202 kB Progress (5): 49 kB | 69/472 kB | 86/165 kB | 33/153 kB | 25/202 kB Progress (5): 49 kB | 69/472 kB | 86/165 kB | 33/153 kB | 29/202 kB Progress (5): 49 kB | 69/472 kB | 86/165 kB | 37/153 kB | 29/202 kB Progress (5): 49 kB | 69/472 kB | 86/165 kB | 37/153 kB | 33/202 kB Progress (5): 49 kB | 69/472 kB | 90/165 kB | 37/153 kB | 33/202 kB Progress (5): 49 kB | 73/472 kB | 90/165 kB | 37/153 kB | 33/202 kB Progress (5): 49 kB | 73/472 kB | 94/165 kB | 37/153 kB | 33/202 kB Progress (5): 49 kB | 73/472 kB | 94/165 kB | 37/153 kB | 37/202 kB Progress (5): 49 kB | 73/472 kB | 98/165 kB | 37/153 kB | 37/202 kB Progress (5): 49 kB | 73/472 kB | 98/165 kB | 41/153 kB | 37/202 kB Progress (5): 49 kB | 73/472 kB | 98/165 kB | 45/153 kB | 37/202 kB Progress (5): 49 kB | 73/472 kB | 102/165 kB | 45/153 kB | 37/202 kB Progress (5): 49 kB | 73/472 kB | 102/165 kB | 45/153 kB | 41/202 kB Progress (5): 49 kB | 77/472 kB | 102/165 kB | 45/153 kB | 41/202 kB Progress (5): 49 kB | 77/472 kB | 102/165 kB | 45/153 kB | 45/202 kB Progress (5): 49 kB | 77/472 kB | 106/165 kB | 45/153 kB | 45/202 kB Progress (5): 49 kB | 77/472 kB | 106/165 kB | 49/153 kB | 45/202 kB Progress (5): 49 kB | 77/472 kB | 111/165 kB | 49/153 kB | 45/202 kB Progress (5): 49 kB | 77/472 kB | 111/165 kB | 49/153 kB | 49/202 kB Progress (5): 49 kB | 77/472 kB | 115/165 kB | 49/153 kB | 49/202 kB Progress (5): 49 kB | 77/472 kB | 115/165 kB | 49/153 kB | 53/202 kB Progress (5): 49 kB | 81/472 kB | 115/165 kB | 49/153 kB | 53/202 kB Progress (5): 49 kB | 81/472 kB | 115/165 kB | 49/153 kB | 57/202 kB Progress (5): 49 kB | 81/472 kB | 119/165 kB | 49/153 kB | 57/202 kB Progress (5): 49 kB | 81/472 kB | 119/165 kB | 53/153 kB | 57/202 kB Progress (5): 49 kB | 81/472 kB | 123/165 kB | 53/153 kB | 57/202 kB Progress (5): 49 kB | 81/472 kB | 123/165 kB | 53/153 kB | 61/202 kB Progress (5): 49 kB | 85/472 kB | 123/165 kB | 53/153 kB | 61/202 kB Progress (5): 49 kB | 85/472 kB | 123/165 kB | 53/153 kB | 66/202 kB Progress (5): 49 kB | 85/472 kB | 127/165 kB | 53/153 kB | 66/202 kB Progress (5): 49 kB | 85/472 kB | 127/165 kB | 57/153 kB | 66/202 kB Progress (5): 49 kB | 85/472 kB | 127/165 kB | 57/153 kB | 70/202 kB Progress (5): 49 kB | 90/472 kB | 127/165 kB | 57/153 kB | 70/202 kB Progress (5): 49 kB | 90/472 kB | 127/165 kB | 57/153 kB | 74/202 kB Progress (5): 49 kB | 90/472 kB | 131/165 kB | 57/153 kB | 74/202 kB Progress (5): 49 kB | 90/472 kB | 131/165 kB | 61/153 kB | 74/202 kB Progress (5): 49 kB | 90/472 kB | 135/165 kB | 61/153 kB | 74/202 kB Progress (5): 49 kB | 90/472 kB | 135/165 kB | 61/153 kB | 78/202 kB Progress (5): 49 kB | 94/472 kB | 135/165 kB | 61/153 kB | 78/202 kB Progress (5): 49 kB | 94/472 kB | 135/165 kB | 61/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 139/165 kB | 61/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 139/165 kB | 64/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 143/165 kB | 64/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 143/165 kB | 68/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 147/165 kB | 68/153 kB | 82/202 kB Progress (5): 49 kB | 94/472 kB | 147/165 kB | 68/153 kB | 86/202 kB Progress (5): 49 kB | 94/472 kB | 147/165 kB | 68/153 kB | 90/202 kB Progress (5): 49 kB | 94/472 kB | 147/165 kB | 68/153 kB | 94/202 kB Progress (5): 49 kB | 98/472 kB | 147/165 kB | 68/153 kB | 94/202 kB Progress (5): 49 kB | 98/472 kB | 147/165 kB | 68/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 152/165 kB | 68/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 152/165 kB | 72/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 156/165 kB | 72/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 160/165 kB | 72/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 164/165 kB | 72/153 kB | 98/202 kB Progress (5): 49 kB | 98/472 kB | 165 kB | 72/153 kB | 98/202 kB Progress (5): 49 kB | 102/472 kB | 165 kB | 72/153 kB | 98/202 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.jar (49 kB at 2.9 MB/s) Progress (4): 102/472 kB | 165 kB | 72/153 kB | 102/202 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.jar Progress (4): 106/472 kB | 165 kB | 72/153 kB | 102/202 kB Progress (4): 106/472 kB | 165 kB | 76/153 kB | 102/202 kB Progress (4): 110/472 kB | 165 kB | 76/153 kB | 102/202 kB Progress (4): 110/472 kB | 165 kB | 76/153 kB | 106/202 kB Progress (4): 114/472 kB | 165 kB | 76/153 kB | 106/202 kB Progress (4): 114/472 kB | 165 kB | 80/153 kB | 106/202 kB Progress (4): 118/472 kB | 165 kB | 80/153 kB | 106/202 kB Progress (4): 118/472 kB | 165 kB | 84/153 kB | 106/202 kB Progress (4): 118/472 kB | 165 kB | 84/153 kB | 111/202 kB Progress (4): 118/472 kB | 165 kB | 88/153 kB | 111/202 kB Progress (4): 122/472 kB | 165 kB | 88/153 kB | 111/202 kB Progress (4): 122/472 kB | 165 kB | 88/153 kB | 115/202 kB Progress (4): 122/472 kB | 165 kB | 92/153 kB | 115/202 kB Progress (4): 122/472 kB | 165 kB | 92/153 kB | 119/202 kB Progress (4): 126/472 kB | 165 kB | 92/153 kB | 119/202 kB Progress (4): 126/472 kB | 165 kB | 92/153 kB | 123/202 kB Progress (4): 126/472 kB | 165 kB | 96/153 kB | 123/202 kB Progress (4): 126/472 kB | 165 kB | 96/153 kB | 127/202 kB Progress (4): 130/472 kB | 165 kB | 96/153 kB | 127/202 kB Progress (4): 130/472 kB | 165 kB | 100/153 kB | 127/202 kB Progress (4): 130/472 kB | 165 kB | 100/153 kB | 131/202 kB Progress (4): 135/472 kB | 165 kB | 100/153 kB | 131/202 kB Progress (4): 135/472 kB | 165 kB | 104/153 kB | 131/202 kB Progress (4): 139/472 kB | 165 kB | 104/153 kB | 131/202 kB Progress (4): 139/472 kB | 165 kB | 104/153 kB | 135/202 kB Progress (4): 143/472 kB | 165 kB | 104/153 kB | 135/202 kB Progress (4): 143/472 kB | 165 kB | 109/153 kB | 135/202 kB Progress (4): 147/472 kB | 165 kB | 109/153 kB | 135/202 kB Progress (4): 147/472 kB | 165 kB | 109/153 kB | 139/202 kB Progress (4): 151/472 kB | 165 kB | 109/153 kB | 139/202 kB Progress (4): 151/472 kB | 165 kB | 113/153 kB | 139/202 kB Progress (4): 155/472 kB | 165 kB | 113/153 kB | 139/202 kB Progress (4): 155/472 kB | 165 kB | 113/153 kB | 143/202 kB Progress (4): 155/472 kB | 165 kB | 117/153 kB | 143/202 kB Progress (4): 159/472 kB | 165 kB | 117/153 kB | 143/202 kB Progress (4): 159/472 kB | 165 kB | 121/153 kB | 143/202 kB Progress (4): 159/472 kB | 165 kB | 121/153 kB | 147/202 kB Progress (4): 159/472 kB | 165 kB | 125/153 kB | 147/202 kB Progress (4): 163/472 kB | 165 kB | 125/153 kB | 147/202 kB Progress (4): 163/472 kB | 165 kB | 129/153 kB | 147/202 kB Progress (4): 163/472 kB | 165 kB | 129/153 kB | 152/202 kB Progress (4): 167/472 kB | 165 kB | 129/153 kB | 152/202 kB Progress (4): 167/472 kB | 165 kB | 129/153 kB | 156/202 kB Progress (4): 167/472 kB | 165 kB | 133/153 kB | 156/202 kB Progress (4): 167/472 kB | 165 kB | 133/153 kB | 160/202 kB Progress (4): 171/472 kB | 165 kB | 133/153 kB | 160/202 kB Progress (4): 171/472 kB | 165 kB | 137/153 kB | 160/202 kB Progress (4): 171/472 kB | 165 kB | 137/153 kB | 164/202 kB Progress (4): 176/472 kB | 165 kB | 137/153 kB | 164/202 kB Progress (4): 176/472 kB | 165 kB | 137/153 kB | 168/202 kB Progress (4): 176/472 kB | 165 kB | 137/153 kB | 172/202 kB Progress (4): 176/472 kB | 165 kB | 141/153 kB | 172/202 kB Progress (4): 176/472 kB | 165 kB | 141/153 kB | 176/202 kB Progress (4): 180/472 kB | 165 kB | 141/153 kB | 176/202 kB Progress (4): 180/472 kB | 165 kB | 141/153 kB | 180/202 kB Progress (4): 180/472 kB | 165 kB | 145/153 kB | 180/202 kB Progress (4): 180/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 184/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 188/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 192/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 196/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 200/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 204/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 208/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 212/472 kB | 165 kB | 145/153 kB | 184/202 kB Progress (4): 212/472 kB | 165 kB | 145/153 kB | 188/202 kB Progress (4): 212/472 kB | 165 kB | 150/153 kB | 188/202 kB Progress (4): 212/472 kB | 165 kB | 153 kB | 188/202 kB Progress (4): 212/472 kB | 165 kB | 153 kB | 193/202 kB Progress (4): 216/472 kB | 165 kB | 153 kB | 193/202 kB Progress (4): 221/472 kB | 165 kB | 153 kB | 193/202 kB Progress (4): 221/472 kB | 165 kB | 153 kB | 197/202 kB Progress (4): 225/472 kB | 165 kB | 153 kB | 197/202 kB Progress (4): 225/472 kB | 165 kB | 153 kB | 201/202 kB Progress (4): 229/472 kB | 165 kB | 153 kB | 201/202 kB Progress (4): 229/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 233/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 237/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 241/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 245/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 249/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 253/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 257/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 262/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 266/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 270/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 274/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 278/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 282/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 286/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 290/472 kB | 165 kB | 153 kB | 202 kB Progress (4): 294/472 kB | 165 kB | 153 kB | 202 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model/3.0/maven-model-3.0.jar (165 kB at 6.6 MB/s) Progress (3): 298/472 kB | 153 kB | 202 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.jar Progress (3): 302/472 kB | 153 kB | 202 kB Progress (3): 307/472 kB | 153 kB | 202 kB Progress (3): 311/472 kB | 153 kB | 202 kB Progress (4): 311/472 kB | 153 kB | 202 kB | 4.1/527 kB Progress (4): 315/472 kB | 153 kB | 202 kB | 4.1/527 kB Progress (4): 315/472 kB | 153 kB | 202 kB | 8.2/527 kB Progress (4): 319/472 kB | 153 kB | 202 kB | 8.2/527 kB Progress (4): 319/472 kB | 153 kB | 202 kB | 12/527 kB Progress (4): 323/472 kB | 153 kB | 202 kB | 12/527 kB Progress (4): 323/472 kB | 153 kB | 202 kB | 16/527 kB Progress (4): 327/472 kB | 153 kB | 202 kB | 16/527 kB Progress (4): 327/472 kB | 153 kB | 202 kB | 20/527 kB Progress (4): 331/472 kB | 153 kB | 202 kB | 20/527 kB Progress (4): 331/472 kB | 153 kB | 202 kB | 25/527 kB Progress (4): 335/472 kB | 153 kB | 202 kB | 25/527 kB Progress (4): 335/472 kB | 153 kB | 202 kB | 29/527 kB Progress (4): 339/472 kB | 153 kB | 202 kB | 29/527 kB Progress (4): 339/472 kB | 153 kB | 202 kB | 33/527 kB Progress (4): 343/472 kB | 153 kB | 202 kB | 33/527 kB Progress (4): 343/472 kB | 153 kB | 202 kB | 37/527 kB Progress (4): 348/472 kB | 153 kB | 202 kB | 37/527 kB Progress (4): 348/472 kB | 153 kB | 202 kB | 41/527 kB Progress (4): 352/472 kB | 153 kB | 202 kB | 41/527 kB Progress (4): 352/472 kB | 153 kB | 202 kB | 45/527 kB Progress (4): 356/472 kB | 153 kB | 202 kB | 45/527 kB Progress (4): 356/472 kB | 153 kB | 202 kB | 49/527 kB Progress (4): 360/472 kB | 153 kB | 202 kB | 49/527 kB Progress (4): 360/472 kB | 153 kB | 202 kB | 53/527 kB Progress (4): 364/472 kB | 153 kB | 202 kB | 53/527 kB Progress (4): 364/472 kB | 153 kB | 202 kB | 57/527 kB Progress (4): 368/472 kB | 153 kB | 202 kB | 57/527 kB Progress (4): 368/472 kB | 153 kB | 202 kB | 61/527 kB Progress (4): 372/472 kB | 153 kB | 202 kB | 61/527 kB Progress (4): 376/472 kB | 153 kB | 202 kB | 61/527 kB Progress (4): 376/472 kB | 153 kB | 202 kB | 66/527 kB Progress (4): 380/472 kB | 153 kB | 202 kB | 66/527 kB Progress (4): 380/472 kB | 153 kB | 202 kB | 70/527 kB Progress (4): 384/472 kB | 153 kB | 202 kB | 70/527 kB Progress (4): 384/472 kB | 153 kB | 202 kB | 74/527 kB Progress (4): 389/472 kB | 153 kB | 202 kB | 74/527 kB Progress (4): 389/472 kB | 153 kB | 202 kB | 78/527 kB Progress (4): 393/472 kB | 153 kB | 202 kB | 78/527 kB Progress (4): 393/472 kB | 153 kB | 202 kB | 82/527 kB Progress (4): 397/472 kB | 153 kB | 202 kB | 82/527 kB Progress (4): 397/472 kB | 153 kB | 202 kB | 86/527 kB Progress (4): 401/472 kB | 153 kB | 202 kB | 86/527 kB Progress (4): 401/472 kB | 153 kB | 202 kB | 90/527 kB Progress (4): 405/472 kB | 153 kB | 202 kB | 90/527 kB Progress (4): 405/472 kB | 153 kB | 202 kB | 94/527 kB Progress (4): 409/472 kB | 153 kB | 202 kB | 94/527 kB Progress (4): 409/472 kB | 153 kB | 202 kB | 98/527 kB Progress (4): 413/472 kB | 153 kB | 202 kB | 98/527 kB Progress (4): 413/472 kB | 153 kB | 202 kB | 102/527 kB Progress (4): 417/472 kB | 153 kB | 202 kB | 102/527 kB Progress (4): 417/472 kB | 153 kB | 202 kB | 106/527 kB Progress (4): 421/472 kB | 153 kB | 202 kB | 106/527 kB Progress (4): 421/472 kB | 153 kB | 202 kB | 111/527 kB Progress (4): 425/472 kB | 153 kB | 202 kB | 111/527 kB Progress (4): 425/472 kB | 153 kB | 202 kB | 115/527 kB Progress (4): 429/472 kB | 153 kB | 202 kB | 115/527 kB Progress (4): 429/472 kB | 153 kB | 202 kB | 119/527 kB Progress (4): 434/472 kB | 153 kB | 202 kB | 119/527 kB Progress (4): 434/472 kB | 153 kB | 202 kB | 123/527 kB Progress (4): 438/472 kB | 153 kB | 202 kB | 123/527 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar (153 kB at 5.1 MB/s) Progress (3): 438/472 kB | 202 kB | 127/527 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.jar Progress (3): 442/472 kB | 202 kB | 127/527 kB Progress (3): 442/472 kB | 202 kB | 131/527 kB Progress (3): 442/472 kB | 202 kB | 135/527 kB Progress (3): 446/472 kB | 202 kB | 135/527 kB Progress (3): 446/472 kB | 202 kB | 139/527 kB Progress (3): 450/472 kB | 202 kB | 139/527 kB Progress (3): 450/472 kB | 202 kB | 143/527 kB Progress (3): 454/472 kB | 202 kB | 143/527 kB Progress (3): 458/472 kB | 202 kB | 143/527 kB Progress (3): 458/472 kB | 202 kB | 147/527 kB Progress (3): 458/472 kB | 202 kB | 152/527 kB Progress (3): 462/472 kB | 202 kB | 152/527 kB Progress (3): 462/472 kB | 202 kB | 156/527 kB Progress (3): 466/472 kB | 202 kB | 156/527 kB Progress (3): 466/472 kB | 202 kB | 160/527 kB Progress (3): 470/472 kB | 202 kB | 160/527 kB Progress (3): 472 kB | 202 kB | 160/527 kB Progress (3): 472 kB | 202 kB | 164/527 kB Progress (3): 472 kB | 202 kB | 168/527 kB Progress (3): 472 kB | 202 kB | 172/527 kB Progress (3): 472 kB | 202 kB | 176/527 kB Progress (3): 472 kB | 202 kB | 180/527 kB Progress (3): 472 kB | 202 kB | 184/527 kB Progress (3): 472 kB | 202 kB | 188/527 kB Progress (3): 472 kB | 202 kB | 193/527 kB Progress (3): 472 kB | 202 kB | 197/527 kB Progress (3): 472 kB | 202 kB | 201/527 kB Progress (3): 472 kB | 202 kB | 205/527 kB Progress (3): 472 kB | 202 kB | 209/527 kB Progress (4): 472 kB | 202 kB | 209/527 kB | 4.1/47 kB Progress (4): 472 kB | 202 kB | 213/527 kB | 4.1/47 kB Progress (4): 472 kB | 202 kB | 213/527 kB | 8.2/47 kB Progress (4): 472 kB | 202 kB | 217/527 kB | 8.2/47 kB Progress (4): 472 kB | 202 kB | 217/527 kB | 12/47 kB Progress (4): 472 kB | 202 kB | 221/527 kB | 12/47 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.jar (202 kB at 6.1 MB/s) Progress (3): 472 kB | 221/527 kB | 16/47 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.jar Progress (3): 472 kB | 225/527 kB | 16/47 kB Progress (3): 472 kB | 225/527 kB | 20/47 kB Progress (3): 472 kB | 225/527 kB | 25/47 kB Progress (3): 472 kB | 229/527 kB | 25/47 kB Progress (3): 472 kB | 229/527 kB | 29/47 kB Progress (3): 472 kB | 233/527 kB | 29/47 kB Progress (3): 472 kB | 233/527 kB | 33/47 kB Progress (3): 472 kB | 238/527 kB | 33/47 kB Progress (3): 472 kB | 242/527 kB | 33/47 kB Progress (3): 472 kB | 242/527 kB | 37/47 kB Progress (3): 472 kB | 242/527 kB | 41/47 kB Progress (3): 472 kB | 246/527 kB | 41/47 kB Progress (3): 472 kB | 246/527 kB | 45/47 kB Progress (3): 472 kB | 250/527 kB | 45/47 kB Progress (3): 472 kB | 250/527 kB | 47 kB Progress (3): 472 kB | 254/527 kB | 47 kB Progress (3): 472 kB | 258/527 kB | 47 kB Progress (3): 472 kB | 262/527 kB | 47 kB Progress (3): 472 kB | 266/527 kB | 47 kB Progress (3): 472 kB | 270/527 kB | 47 kB Progress (3): 472 kB | 274/527 kB | 47 kB Progress (3): 472 kB | 279/527 kB | 47 kB Progress (3): 472 kB | 283/527 kB | 47 kB Progress (3): 472 kB | 287/527 kB | 47 kB Progress (3): 472 kB | 291/527 kB | 47 kB Progress (3): 472 kB | 295/527 kB | 47 kB Progress (3): 472 kB | 299/527 kB | 47 kB Progress (3): 472 kB | 303/527 kB | 47 kB Progress (3): 472 kB | 307/527 kB | 47 kB Progress (3): 472 kB | 311/527 kB | 47 kB Progress (3): 472 kB | 315/527 kB | 47 kB Progress (3): 472 kB | 319/527 kB | 47 kB Progress (3): 472 kB | 324/527 kB | 47 kB Progress (3): 472 kB | 328/527 kB | 47 kB Progress (3): 472 kB | 332/527 kB | 47 kB Progress (3): 472 kB | 336/527 kB | 47 kB Progress (3): 472 kB | 340/527 kB | 47 kB Progress (3): 472 kB | 344/527 kB | 47 kB Progress (3): 472 kB | 348/527 kB | 47 kB Progress (3): 472 kB | 352/527 kB | 47 kB Progress (3): 472 kB | 356/527 kB | 47 kB Progress (3): 472 kB | 360/527 kB | 47 kB Progress (3): 472 kB | 365/527 kB | 47 kB Progress (3): 472 kB | 369/527 kB | 47 kB Progress (3): 472 kB | 373/527 kB | 47 kB Progress (3): 472 kB | 377/527 kB | 47 kB Progress (3): 472 kB | 381/527 kB | 47 kB Progress (3): 472 kB | 385/527 kB | 47 kB Progress (3): 472 kB | 389/527 kB | 47 kB Progress (3): 472 kB | 393/527 kB | 47 kB Progress (3): 472 kB | 397/527 kB | 47 kB Progress (3): 472 kB | 401/527 kB | 47 kB Progress (3): 472 kB | 406/527 kB | 47 kB Progress (3): 472 kB | 410/527 kB | 47 kB Progress (3): 472 kB | 414/527 kB | 47 kB Progress (3): 472 kB | 418/527 kB | 47 kB Progress (3): 472 kB | 422/527 kB | 47 kB Progress (3): 472 kB | 426/527 kB | 47 kB Progress (3): 472 kB | 430/527 kB | 47 kB Progress (3): 472 kB | 434/527 kB | 47 kB Progress (3): 472 kB | 438/527 kB | 47 kB Progress (3): 472 kB | 442/527 kB | 47 kB Progress (3): 472 kB | 446/527 kB | 47 kB Progress (3): 472 kB | 451/527 kB | 47 kB Progress (4): 472 kB | 451/527 kB | 47 kB | 4.1/38 kB Progress (4): 472 kB | 455/527 kB | 47 kB | 4.1/38 kB Progress (4): 472 kB | 455/527 kB | 47 kB | 8.2/38 kB Progress (4): 472 kB | 455/527 kB | 47 kB | 12/38 kB Progress (4): 472 kB | 459/527 kB | 47 kB | 12/38 kB Progress (4): 472 kB | 459/527 kB | 47 kB | 16/38 kB Progress (4): 472 kB | 463/527 kB | 47 kB | 16/38 kB Progress (4): 472 kB | 467/527 kB | 47 kB | 16/38 kB Progress (4): 472 kB | 471/527 kB | 47 kB | 16/38 kB Progress (4): 472 kB | 475/527 kB | 47 kB | 16/38 kB Progress (4): 472 kB | 475/527 kB | 47 kB | 20/38 kB Progress (4): 472 kB | 479/527 kB | 47 kB | 20/38 kB Progress (4): 472 kB | 479/527 kB | 47 kB | 25/38 kB Progress (4): 472 kB | 483/527 kB | 47 kB | 25/38 kB Progress (4): 472 kB | 483/527 kB | 47 kB | 29/38 kB Progress (4): 472 kB | 483/527 kB | 47 kB | 33/38 kB Progress (4): 472 kB | 487/527 kB | 47 kB | 33/38 kB Progress (4): 472 kB | 487/527 kB | 47 kB | 37/38 kB Progress (4): 472 kB | 487/527 kB | 47 kB | 38 kB Progress (4): 472 kB | 492/527 kB | 47 kB | 38 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar (472 kB at 12 MB/s) Progress (3): 496/527 kB | 47 kB | 38 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.jar Progress (3): 500/527 kB | 47 kB | 38 kB Progress (3): 504/527 kB | 47 kB | 38 kB Progress (3): 508/527 kB | 47 kB | 38 kB Progress (3): 512/527 kB | 47 kB | 38 kB Progress (3): 516/527 kB | 47 kB | 38 kB Progress (3): 520/527 kB | 47 kB | 38 kB Progress (3): 524/527 kB | 47 kB | 38 kB Progress (3): 527 kB | 47 kB | 38 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings/3.0/maven-settings-3.0.jar (47 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.jar Progress (3): 527 kB | 38 kB | 4.1/30 kB Progress (3): 527 kB | 38 kB | 8.2/30 kB Progress (3): 527 kB | 38 kB | 12/30 kB Progress (3): 527 kB | 38 kB | 16/30 kB Progress (3): 527 kB | 38 kB | 20/30 kB Progress (3): 527 kB | 38 kB | 25/30 kB Progress (3): 527 kB | 38 kB | 29/30 kB Progress (3): 527 kB | 38 kB | 30 kB Progress (4): 527 kB | 38 kB | 30 kB | 4.1/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 8.2/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 12/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 16/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 20/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 25/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 29/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 33/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 37/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 41/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 45/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 49/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 53/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 57/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 61/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 64/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 68/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 72/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 76/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 81/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 85/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 89/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 93/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 97/148 kB Progress (4): 527 kB | 38 kB | 30 kB | 101/148 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-settings-builder/3.0/maven-settings-builder-3.0.jar (38 kB at 787 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.jar Progress (3): 527 kB | 30 kB | 105/148 kB Progress (4): 527 kB | 30 kB | 105/148 kB | 4.1/51 kB Progress (4): 527 kB | 30 kB | 109/148 kB | 4.1/51 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-core/3.0/maven-core-3.0.jar (527 kB at 11 MB/s) Progress (3): 30 kB | 113/148 kB | 4.1/51 kB Progress (3): 30 kB | 117/148 kB | 4.1/51 kB Progress (3): 30 kB | 121/148 kB | 4.1/51 kB Progress (3): 30 kB | 126/148 kB | 4.1/51 kB Progress (3): 30 kB | 130/148 kB | 4.1/51 kB Progress (3): 30 kB | 130/148 kB | 8.2/51 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.jar Progress (3): 30 kB | 134/148 kB | 8.2/51 kB Progress (3): 30 kB | 134/148 kB | 12/51 kB Progress (3): 30 kB | 138/148 kB | 12/51 kB Progress (3): 30 kB | 138/148 kB | 16/51 kB Progress (3): 30 kB | 142/148 kB | 16/51 kB Progress (3): 30 kB | 146/148 kB | 16/51 kB Progress (3): 30 kB | 146/148 kB | 20/51 kB Progress (3): 30 kB | 148 kB | 20/51 kB Progress (3): 30 kB | 148 kB | 25/51 kB Progress (3): 30 kB | 148 kB | 29/51 kB Progress (3): 30 kB | 148 kB | 33/51 kB Progress (3): 30 kB | 148 kB | 37/51 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/3.0/maven-repository-metadata-3.0.jar (30 kB at 590 kB/s) Progress (2): 148 kB | 41/51 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.jar Progress (2): 148 kB | 45/51 kB Progress (2): 148 kB | 49/51 kB Progress (2): 148 kB | 51 kB Progress (3): 148 kB | 51 kB | 4.1/106 kB Progress (3): 148 kB | 51 kB | 8.2/106 kB Progress (3): 148 kB | 51 kB | 12/106 kB Progress (3): 148 kB | 51 kB | 16/106 kB Progress (3): 148 kB | 51 kB | 20/106 kB Progress (4): 148 kB | 51 kB | 20/106 kB | 4.1/14 kB Progress (4): 148 kB | 51 kB | 25/106 kB | 4.1/14 kB Progress (4): 148 kB | 51 kB | 25/106 kB | 8.2/14 kB Progress (4): 148 kB | 51 kB | 29/106 kB | 8.2/14 kB Progress (4): 148 kB | 51 kB | 29/106 kB | 12/14 kB Progress (4): 148 kB | 51 kB | 33/106 kB | 12/14 kB Progress (4): 148 kB | 51 kB | 33/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 37/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 41/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 45/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 49/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 53/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 57/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 61/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 66/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 70/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 74/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 78/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 82/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 86/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 90/106 kB | 14 kB Progress (4): 148 kB | 51 kB | 94/106 kB | 14 kB Progress (5): 148 kB | 51 kB | 94/106 kB | 14 kB | 4.1/74 kB Progress (5): 148 kB | 51 kB | 98/106 kB | 14 kB | 4.1/74 kB Progress (5): 148 kB | 51 kB | 98/106 kB | 14 kB | 8.2/74 kB Progress (5): 148 kB | 51 kB | 102/106 kB | 14 kB | 8.2/74 kB Progress (5): 148 kB | 51 kB | 102/106 kB | 14 kB | 12/74 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-aether-provider/3.0/maven-aether-provider-3.0.jar (51 kB at 868 kB/s) Progress (4): 148 kB | 106 kB | 14 kB | 12/74 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar Progress (4): 148 kB | 106 kB | 14 kB | 16/74 kB Progress (4): 148 kB | 106 kB | 14 kB | 20/74 kB Progress (4): 148 kB | 106 kB | 14 kB | 25/74 kB Progress (4): 148 kB | 106 kB | 14 kB | 29/74 kB Progress (4): 148 kB | 106 kB | 14 kB | 33/74 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-model-builder/3.0/maven-model-builder-3.0.jar (148 kB at 2.5 MB/s) Progress (3): 106 kB | 14 kB | 37/74 kB Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar Progress (3): 106 kB | 14 kB | 41/74 kB Progress (3): 106 kB | 14 kB | 45/74 kB Progress (3): 106 kB | 14 kB | 49/74 kB Progress (3): 106 kB | 14 kB | 53/74 kB Progress (3): 106 kB | 14 kB | 57/74 kB Progress (3): 106 kB | 14 kB | 61/74 kB Progress (3): 106 kB | 14 kB | 66/74 kB Progress (3): 106 kB | 14 kB | 70/74 kB Progress (3): 106 kB | 14 kB | 74/74 kB Progress (3): 106 kB | 14 kB | 74 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-spi/1.7/aether-spi-1.7.jar (14 kB at 208 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.jar Progress (3): 106 kB | 74 kB | 4.1/108 kB Progress (3): 106 kB | 74 kB | 8.2/108 kB Progress (3): 106 kB | 74 kB | 12/108 kB Progress (3): 106 kB | 74 kB | 16/108 kB Progress (3): 106 kB | 74 kB | 20/108 kB Progress (3): 106 kB | 74 kB | 25/108 kB Progress (3): 106 kB | 74 kB | 29/108 kB Progress (3): 106 kB | 74 kB | 33/108 kB Progress (4): 106 kB | 74 kB | 33/108 kB | 4.1/61 kB Progress (4): 106 kB | 74 kB | 37/108 kB | 4.1/61 kB Progress (4): 106 kB | 74 kB | 37/108 kB | 8.2/61 kB Progress (4): 106 kB | 74 kB | 41/108 kB | 8.2/61 kB Progress (4): 106 kB | 74 kB | 41/108 kB | 12/61 kB Progress (4): 106 kB | 74 kB | 45/108 kB | 12/61 kB Progress (4): 106 kB | 74 kB | 45/108 kB | 16/61 kB Progress (4): 106 kB | 74 kB | 49/108 kB | 16/61 kB Progress (4): 106 kB | 74 kB | 49/108 kB | 20/61 kB Progress (4): 106 kB | 74 kB | 49/108 kB | 25/61 kB Progress (4): 106 kB | 74 kB | 53/108 kB | 25/61 kB Progress (4): 106 kB | 74 kB | 53/108 kB | 29/61 kB Progress (4): 106 kB | 74 kB | 57/108 kB | 29/61 kB Progress (4): 106 kB | 74 kB | 57/108 kB | 33/61 kB Progress (4): 106 kB | 74 kB | 61/108 kB | 33/61 kB Progress (4): 106 kB | 74 kB | 66/108 kB | 33/61 kB Progress (4): 106 kB | 74 kB | 66/108 kB | 37/61 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-impl/1.7/aether-impl-1.7.jar (106 kB at 1.6 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-api/1.7/aether-api-1.7.jar (74 kB at 1.1 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.jar Progress (2): 70/108 kB | 37/61 kB Progress (2): 70/108 kB | 41/61 kB Progress (2): 74/108 kB | 41/61 kB Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar Progress (2): 78/108 kB | 41/61 kB Progress (2): 78/108 kB | 45/61 kB Progress (2): 82/108 kB | 45/61 kB Progress (2): 82/108 kB | 49/61 kB Progress (2): 86/108 kB | 49/61 kB Progress (2): 86/108 kB | 53/61 kB Progress (2): 90/108 kB | 53/61 kB Progress (2): 90/108 kB | 57/61 kB Progress (2): 94/108 kB | 57/61 kB Progress (2): 94/108 kB | 61 kB Progress (2): 98/108 kB | 61 kB Progress (2): 102/108 kB | 61 kB Progress (2): 106/108 kB | 61 kB Progress (2): 108 kB | 61 kB Progress (3): 108 kB | 61 kB | 4.1/46 kB Progress (3): 108 kB | 61 kB | 8.2/46 kB Progress (3): 108 kB | 61 kB | 12/46 kB Progress (3): 108 kB | 61 kB | 16/46 kB Progress (3): 108 kB | 61 kB | 20/46 kB Progress (3): 108 kB | 61 kB | 25/46 kB Progress (3): 108 kB | 61 kB | 29/46 kB Progress (3): 108 kB | 61 kB | 33/46 kB Progress (3): 108 kB | 61 kB | 37/46 kB Progress (3): 108 kB | 61 kB | 41/46 kB Progress (3): 108 kB | 61 kB | 45/46 kB Progress (3): 108 kB | 61 kB | 46 kB Progress (4): 108 kB | 61 kB | 46 kB | 4.1/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 8.2/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 12/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 16/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 20/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 25/29 kB Progress (4): 108 kB | 61 kB | 46 kB | 29 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar (61 kB at 793 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar (108 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.jar Progress (3): 46 kB | 29 kB | 4.1/4.2 kB Progress (3): 46 kB | 29 kB | 4.2 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.jar (46 kB at 569 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.jar Progress (3): 29 kB | 4.2 kB | 4.1/52 kB Progress (4): 29 kB | 4.2 kB | 4.1/52 kB | 4.1/13 kB Progress (4): 29 kB | 4.2 kB | 8.2/52 kB | 4.1/13 kB Progress (4): 29 kB | 4.2 kB | 8.2/52 kB | 8.2/13 kB Progress (4): 29 kB | 4.2 kB | 12/52 kB | 8.2/13 kB Progress (4): 29 kB | 4.2 kB | 12/52 kB | 12/13 kB Progress (4): 29 kB | 4.2 kB | 16/52 kB | 12/13 kB Progress (4): 29 kB | 4.2 kB | 16/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 20/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 25/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 29/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 33/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 37/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 41/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 45/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 49/52 kB | 13 kB Progress (4): 29 kB | 4.2 kB | 52 kB | 13 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/2.0.0/plexus-component-annotations-2.0.0.jar (4.2 kB at 49 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar (29 kB at 324 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.jar Progress (3): 52 kB | 13 kB | 4.1/263 kB Progress (3): 52 kB | 13 kB | 8.2/263 kB Progress (3): 52 kB | 13 kB | 12/263 kB Progress (3): 52 kB | 13 kB | 16/263 kB Progress (3): 52 kB | 13 kB | 20/263 kB Progress (3): 52 kB | 13 kB | 25/263 kB Progress (3): 52 kB | 13 kB | 29/263 kB Progress (3): 52 kB | 13 kB | 33/263 kB Progress (3): 52 kB | 13 kB | 37/263 kB Progress (3): 52 kB | 13 kB | 41/263 kB Progress (3): 52 kB | 13 kB | 45/263 kB Progress (3): 52 kB | 13 kB | 49/263 kB Progress (3): 52 kB | 13 kB | 53/263 kB Progress (3): 52 kB | 13 kB | 57/263 kB Progress (3): 52 kB | 13 kB | 61/263 kB Progress (3): 52 kB | 13 kB | 66/263 kB Progress (3): 52 kB | 13 kB | 70/263 kB Progress (3): 52 kB | 13 kB | 74/263 kB Progress (3): 52 kB | 13 kB | 78/263 kB Progress (3): 52 kB | 13 kB | 82/263 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar (13 kB at 145 kB/s) Progress (2): 52 kB | 86/263 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.jar Progress (2): 52 kB | 90/263 kB Progress (2): 52 kB | 94/263 kB Progress (2): 52 kB | 98/263 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.jar (52 kB at 558 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.jar Progress (2): 98/263 kB | 4.1/120 kB Progress (2): 102/263 kB | 4.1/120 kB Progress (2): 102/263 kB | 8.2/120 kB Progress (2): 106/263 kB | 8.2/120 kB Progress (2): 111/263 kB | 8.2/120 kB Progress (2): 111/263 kB | 12/120 kB Progress (2): 115/263 kB | 12/120 kB Progress (2): 115/263 kB | 16/120 kB Progress (2): 119/263 kB | 16/120 kB Progress (2): 123/263 kB | 16/120 kB Progress (2): 123/263 kB | 20/120 kB Progress (2): 127/263 kB | 20/120 kB Progress (2): 127/263 kB | 25/120 kB Progress (2): 131/263 kB | 25/120 kB Progress (2): 131/263 kB | 29/120 kB Progress (2): 131/263 kB | 33/120 kB Progress (2): 131/263 kB | 37/120 kB Progress (2): 131/263 kB | 41/120 kB Progress (2): 131/263 kB | 45/120 kB Progress (2): 131/263 kB | 49/120 kB Progress (2): 131/263 kB | 53/120 kB Progress (2): 131/263 kB | 57/120 kB Progress (2): 131/263 kB | 61/120 kB Progress (2): 131/263 kB | 66/120 kB Progress (2): 131/263 kB | 70/120 kB Progress (2): 131/263 kB | 74/120 kB Progress (2): 131/263 kB | 78/120 kB Progress (2): 131/263 kB | 82/120 kB Progress (2): 135/263 kB | 82/120 kB Progress (2): 135/263 kB | 86/120 kB Progress (2): 139/263 kB | 86/120 kB Progress (2): 139/263 kB | 90/120 kB Progress (2): 143/263 kB | 90/120 kB Progress (2): 143/263 kB | 94/120 kB Progress (2): 147/263 kB | 94/120 kB Progress (2): 147/263 kB | 98/120 kB Progress (2): 152/263 kB | 98/120 kB Progress (2): 152/263 kB | 102/120 kB Progress (2): 156/263 kB | 102/120 kB Progress (2): 156/263 kB | 106/120 kB Progress (2): 160/263 kB | 106/120 kB Progress (3): 160/263 kB | 106/120 kB | 4.1/61 kB Progress (3): 160/263 kB | 111/120 kB | 4.1/61 kB Progress (3): 160/263 kB | 111/120 kB | 8.2/61 kB Progress (3): 164/263 kB | 111/120 kB | 8.2/61 kB Progress (3): 164/263 kB | 111/120 kB | 12/61 kB Progress (3): 164/263 kB | 115/120 kB | 12/61 kB Progress (3): 168/263 kB | 115/120 kB | 12/61 kB Progress (3): 168/263 kB | 115/120 kB | 16/61 kB Progress (3): 172/263 kB | 115/120 kB | 16/61 kB Progress (3): 172/263 kB | 119/120 kB | 16/61 kB Progress (3): 172/263 kB | 119/120 kB | 20/61 kB Progress (3): 176/263 kB | 119/120 kB | 20/61 kB Progress (3): 176/263 kB | 119/120 kB | 25/61 kB Progress (3): 176/263 kB | 120 kB | 25/61 kB Progress (3): 176/263 kB | 120 kB | 29/61 kB Progress (3): 180/263 kB | 120 kB | 29/61 kB Progress (3): 180/263 kB | 120 kB | 33/61 kB Progress (3): 184/263 kB | 120 kB | 33/61 kB Progress (3): 184/263 kB | 120 kB | 37/61 kB Progress (3): 188/263 kB | 120 kB | 37/61 kB Progress (3): 188/263 kB | 120 kB | 41/61 kB Progress (3): 193/263 kB | 120 kB | 41/61 kB Progress (3): 193/263 kB | 120 kB | 45/61 kB Progress (3): 197/263 kB | 120 kB | 45/61 kB Progress (3): 197/263 kB | 120 kB | 49/61 kB Progress (3): 197/263 kB | 120 kB | 53/61 kB Progress (3): 197/263 kB | 120 kB | 57/61 kB Progress (3): 197/263 kB | 120 kB | 61/61 kB Progress (3): 197/263 kB | 120 kB | 61 kB Progress (3): 201/263 kB | 120 kB | 61 kB Progress (3): 205/263 kB | 120 kB | 61 kB Progress (3): 209/263 kB | 120 kB | 61 kB Progress (3): 213/263 kB | 120 kB | 61 kB Progress (3): 217/263 kB | 120 kB | 61 kB Progress (3): 221/263 kB | 120 kB | 61 kB Progress (3): 225/263 kB | 120 kB | 61 kB Progress (3): 229/263 kB | 120 kB | 61 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 4.1/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 8.2/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 12/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 16/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 20/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 25/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 29/164 kB Progress (4): 229/263 kB | 120 kB | 61 kB | 33/164 kB Progress (5): 229/263 kB | 120 kB | 61 kB | 33/164 kB | 4.1/335 kB Progress (5): 233/263 kB | 120 kB | 61 kB | 33/164 kB | 4.1/335 kB Progress (5): 233/263 kB | 120 kB | 61 kB | 37/164 kB | 4.1/335 kB Progress (5): 238/263 kB | 120 kB | 61 kB | 37/164 kB | 4.1/335 kB Progress (5): 238/263 kB | 120 kB | 61 kB | 37/164 kB | 8.2/335 kB Progress (5): 238/263 kB | 120 kB | 61 kB | 37/164 kB | 12/335 kB Progress (5): 242/263 kB | 120 kB | 61 kB | 37/164 kB | 12/335 kB Progress (5): 242/263 kB | 120 kB | 61 kB | 41/164 kB | 12/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 41/164 kB | 12/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 41/164 kB | 16/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 45/164 kB | 16/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 49/164 kB | 16/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 49/164 kB | 20/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 49/164 kB | 25/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 53/164 kB | 25/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 53/164 kB | 29/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 57/164 kB | 29/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 57/164 kB | 33/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 61/164 kB | 33/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 66/164 kB | 33/335 kB Progress (5): 246/263 kB | 120 kB | 61 kB | 66/164 kB | 37/335 kB Progress (5): 250/263 kB | 120 kB | 61 kB | 66/164 kB | 37/335 kB Progress (5): 250/263 kB | 120 kB | 61 kB | 66/164 kB | 41/335 kB Progress (5): 250/263 kB | 120 kB | 61 kB | 70/164 kB | 41/335 kB Progress (5): 250/263 kB | 120 kB | 61 kB | 70/164 kB | 45/335 kB Progress (5): 254/263 kB | 120 kB | 61 kB | 70/164 kB | 45/335 kB Progress (5): 254/263 kB | 120 kB | 61 kB | 70/164 kB | 49/335 kB Progress (5): 254/263 kB | 120 kB | 61 kB | 74/164 kB | 49/335 kB Progress (5): 254/263 kB | 120 kB | 61 kB | 74/164 kB | 53/335 kB Progress (5): 258/263 kB | 120 kB | 61 kB | 74/164 kB | 53/335 kB Progress (5): 258/263 kB | 120 kB | 61 kB | 74/164 kB | 57/335 kB Progress (5): 258/263 kB | 120 kB | 61 kB | 78/164 kB | 57/335 kB Progress (5): 258/263 kB | 120 kB | 61 kB | 78/164 kB | 61/335 kB Progress (5): 262/263 kB | 120 kB | 61 kB | 78/164 kB | 61/335 kB Progress (5): 262/263 kB | 120 kB | 61 kB | 78/164 kB | 64/335 kB Progress (5): 262/263 kB | 120 kB | 61 kB | 82/164 kB | 64/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 82/164 kB | 64/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 86/164 kB | 64/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 86/164 kB | 68/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 90/164 kB | 68/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 90/164 kB | 72/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 94/164 kB | 72/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 94/164 kB | 76/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 98/164 kB | 76/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 98/164 kB | 80/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 102/164 kB | 80/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 102/164 kB | 84/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 106/164 kB | 84/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 106/164 kB | 88/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 111/164 kB | 88/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 111/164 kB | 92/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 115/164 kB | 92/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 115/164 kB | 96/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 119/164 kB | 96/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 123/164 kB | 96/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 123/164 kB | 100/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 127/164 kB | 100/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 127/164 kB | 105/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 131/164 kB | 105/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 131/164 kB | 109/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 135/164 kB | 109/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 135/164 kB | 113/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 139/164 kB | 113/335 kB Progress (5): 263 kB | 120 kB | 61 kB | 143/164 kB | 113/335 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-artifact-transfer/0.12.0/maven-artifact-transfer-0.12.0.jar (120 kB at 1.1 MB/s) Progress (4): 263 kB | 61 kB | 143/164 kB | 117/335 kB Downloading from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.jar Progress (4): 263 kB | 61 kB | 147/164 kB | 117/335 kB Progress (4): 263 kB | 61 kB | 147/164 kB | 121/335 kB Progress (4): 263 kB | 61 kB | 152/164 kB | 121/335 kB Progress (4): 263 kB | 61 kB | 152/164 kB | 125/335 kB Progress (4): 263 kB | 61 kB | 156/164 kB | 125/335 kB Progress (4): 263 kB | 61 kB | 156/164 kB | 129/335 kB Progress (4): 263 kB | 61 kB | 160/164 kB | 129/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 129/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 133/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 137/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 141/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 146/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 150/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 154/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 158/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 162/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 166/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 170/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 174/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 178/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 182/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 186/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 191/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 195/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 199/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 203/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 207/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 211/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 215/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 219/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 223/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 227/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 232/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 236/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 240/335 kB Progress (4): 263 kB | 61 kB | 164 kB | 244/335 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/3.0.1/maven-common-artifact-filters-3.0.1.jar (61 kB at 569 kB/s) Progress (3): 263 kB | 164 kB | 248/335 kB Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.jar Progress (3): 263 kB | 164 kB | 252/335 kB Progress (3): 263 kB | 164 kB | 256/335 kB Progress (3): 263 kB | 164 kB | 260/335 kB Progress (3): 263 kB | 164 kB | 264/335 kB Progress (3): 263 kB | 164 kB | 268/335 kB Progress (3): 263 kB | 164 kB | 273/335 kB Progress (3): 263 kB | 164 kB | 277/335 kB Progress (3): 263 kB | 164 kB | 281/335 kB Progress (3): 263 kB | 164 kB | 285/335 kB Progress (3): 263 kB | 164 kB | 289/335 kB Progress (3): 263 kB | 164 kB | 293/335 kB Progress (3): 263 kB | 164 kB | 297/335 kB Progress (3): 263 kB | 164 kB | 301/335 kB Progress (3): 263 kB | 164 kB | 305/335 kB Progress (3): 263 kB | 164 kB | 309/335 kB Progress (3): 263 kB | 164 kB | 313/335 kB Progress (3): 263 kB | 164 kB | 318/335 kB Progress (3): 263 kB | 164 kB | 322/335 kB Progress (3): 263 kB | 164 kB | 326/335 kB Progress (3): 263 kB | 164 kB | 330/335 kB Progress (3): 263 kB | 164 kB | 334/335 kB Progress (3): 263 kB | 164 kB | 335 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.3.0/plexus-utils-3.3.0.jar (263 kB at 2.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.jar Progress (3): 164 kB | 335 kB | 4.1/26 kB Progress (3): 164 kB | 335 kB | 8.2/26 kB Progress (3): 164 kB | 335 kB | 12/26 kB Progress (3): 164 kB | 335 kB | 16/26 kB Progress (3): 164 kB | 335 kB | 20/26 kB Progress (3): 164 kB | 335 kB | 25/26 kB Progress (3): 164 kB | 335 kB | 26 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/3.1.0/maven-shared-utils-3.1.0.jar (164 kB at 1.4 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.jar Downloaded from central: https://repo.maven.apache.org/maven2/commons-codec/commons-codec/1.11/commons-codec-1.11.jar (335 kB at 2.9 MB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.jar Progress (2): 26 kB | 4.1/122 kB Progress (2): 26 kB | 8.2/122 kB Progress (2): 26 kB | 12/122 kB Progress (2): 26 kB | 16/122 kB Progress (2): 26 kB | 20/122 kB Progress (2): 26 kB | 25/122 kB Progress (2): 26 kB | 29/122 kB Progress (2): 26 kB | 33/122 kB Progress (3): 26 kB | 33/122 kB | 4.1/72 kB Progress (3): 26 kB | 37/122 kB | 4.1/72 kB Progress (3): 26 kB | 37/122 kB | 8.2/72 kB Progress (3): 26 kB | 41/122 kB | 8.2/72 kB Progress (3): 26 kB | 41/122 kB | 12/72 kB Progress (3): 26 kB | 45/122 kB | 12/72 kB Progress (3): 26 kB | 45/122 kB | 16/72 kB Progress (3): 26 kB | 49/122 kB | 16/72 kB Progress (3): 26 kB | 49/122 kB | 20/72 kB Progress (3): 26 kB | 53/122 kB | 20/72 kB Progress (3): 26 kB | 53/122 kB | 25/72 kB Progress (3): 26 kB | 57/122 kB | 25/72 kB Progress (3): 26 kB | 57/122 kB | 29/72 kB Progress (3): 26 kB | 61/122 kB | 29/72 kB Progress (3): 26 kB | 61/122 kB | 33/72 kB Progress (3): 26 kB | 66/122 kB | 33/72 kB Progress (3): 26 kB | 66/122 kB | 37/72 kB Progress (3): 26 kB | 70/122 kB | 37/72 kB Progress (3): 26 kB | 70/122 kB | 41/72 kB Progress (3): 26 kB | 74/122 kB | 41/72 kB Progress (3): 26 kB | 74/122 kB | 45/72 kB Progress (3): 26 kB | 78/122 kB | 45/72 kB Progress (3): 26 kB | 78/122 kB | 49/72 kB Progress (3): 26 kB | 82/122 kB | 49/72 kB Progress (3): 26 kB | 82/122 kB | 53/72 kB Progress (3): 26 kB | 86/122 kB | 53/72 kB Progress (3): 26 kB | 86/122 kB | 57/72 kB Progress (3): 26 kB | 90/122 kB | 57/72 kB Progress (3): 26 kB | 90/122 kB | 61/72 kB Progress (3): 26 kB | 94/122 kB | 61/72 kB Progress (3): 26 kB | 94/122 kB | 66/72 kB Progress (3): 26 kB | 98/122 kB | 66/72 kB Progress (3): 26 kB | 98/122 kB | 70/72 kB Progress (3): 26 kB | 98/122 kB | 72 kB Progress (3): 26 kB | 102/122 kB | 72 kB Progress (3): 26 kB | 106/122 kB | 72 kB Progress (3): 26 kB | 111/122 kB | 72 kB Progress (3): 26 kB | 115/122 kB | 72 kB Progress (3): 26 kB | 119/122 kB | 72 kB Progress (3): 26 kB | 122 kB | 72 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/slf4j/slf4j-api/1.7.5/slf4j-api-1.7.5.jar (26 kB at 216 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar Progress (3): 122 kB | 72 kB | 4.1/53 kB Progress (3): 122 kB | 72 kB | 8.2/53 kB Progress (3): 122 kB | 72 kB | 12/53 kB Progress (3): 122 kB | 72 kB | 16/53 kB Progress (3): 122 kB | 72 kB | 20/53 kB Progress (3): 122 kB | 72 kB | 25/53 kB Progress (3): 122 kB | 72 kB | 29/53 kB Progress (3): 122 kB | 72 kB | 33/53 kB Progress (3): 122 kB | 72 kB | 37/53 kB Progress (3): 122 kB | 72 kB | 41/53 kB Progress (3): 122 kB | 72 kB | 45/53 kB Progress (3): 122 kB | 72 kB | 49/53 kB Progress (3): 122 kB | 72 kB | 53 kB Progress (4): 122 kB | 72 kB | 53 kB | 4.1/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 8.2/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 12/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 16/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 20/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 25/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 29/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 33/33 kB Progress (4): 122 kB | 72 kB | 53 kB | 33 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-commons/8.0/asm-commons-8.0.jar (72 kB at 559 kB/s) Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.jar Progress (4): 122 kB | 53 kB | 33 kB | 4.1/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 8.2/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 12/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 16/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 20/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 25/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 29/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 33/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 37/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 41/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 45/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 49/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 53/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 57/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 61/305 kB Progress (4): 122 kB | 53 kB | 33 kB | 66/305 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-tree/8.0/asm-tree-8.0.jar (53 kB at 405 kB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm/8.0/asm-8.0.jar (122 kB at 936 kB/s) Progress (2): 33 kB | 70/305 kB Progress (2): 33 kB | 74/305 kB Progress (2): 33 kB | 78/305 kB Downloading from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.jar Progress (2): 33 kB | 82/305 kB Downloading from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.jar Progress (2): 33 kB | 86/305 kB Progress (2): 33 kB | 90/305 kB Progress (2): 33 kB | 94/305 kB Progress (2): 33 kB | 98/305 kB Progress (2): 33 kB | 102/305 kB Progress (2): 33 kB | 106/305 kB Progress (2): 33 kB | 111/305 kB Progress (2): 33 kB | 115/305 kB Progress (2): 33 kB | 119/305 kB Progress (2): 33 kB | 123/305 kB Progress (2): 33 kB | 127/305 kB Progress (2): 33 kB | 131/305 kB Progress (2): 33 kB | 135/305 kB Progress (2): 33 kB | 139/305 kB Progress (2): 33 kB | 143/305 kB Progress (2): 33 kB | 147/305 kB Progress (2): 33 kB | 152/305 kB Progress (2): 33 kB | 156/305 kB Progress (2): 33 kB | 160/305 kB Progress (2): 33 kB | 164/305 kB Progress (2): 33 kB | 168/305 kB Progress (2): 33 kB | 172/305 kB Progress (2): 33 kB | 176/305 kB Progress (2): 33 kB | 180/305 kB Progress (2): 33 kB | 184/305 kB Progress (2): 33 kB | 188/305 kB Progress (2): 33 kB | 193/305 kB Progress (2): 33 kB | 197/305 kB Progress (2): 33 kB | 201/305 kB Progress (2): 33 kB | 205/305 kB Progress (2): 33 kB | 209/305 kB Progress (2): 33 kB | 213/305 kB Progress (2): 33 kB | 217/305 kB Progress (2): 33 kB | 221/305 kB Progress (2): 33 kB | 225/305 kB Progress (2): 33 kB | 229/305 kB Progress (2): 33 kB | 233/305 kB Progress (2): 33 kB | 238/305 kB Progress (2): 33 kB | 242/305 kB Progress (2): 33 kB | 246/305 kB Progress (2): 33 kB | 250/305 kB Progress (2): 33 kB | 254/305 kB Progress (2): 33 kB | 258/305 kB Progress (2): 33 kB | 262/305 kB Progress (2): 33 kB | 266/305 kB Progress (2): 33 kB | 270/305 kB Progress (2): 33 kB | 274/305 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-analysis/8.0/asm-analysis-8.0.jar (33 kB at 251 kB/s) Progress (1): 279/305 kB Progress (1): 283/305 kB Downloading from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.jar Progress (1): 287/305 kB Progress (1): 291/305 kB Progress (1): 295/305 kB Progress (1): 299/305 kB Progress (1): 303/305 kB Progress (1): 305 kB Progress (2): 305 kB | 4.1/37 kB Progress (2): 305 kB | 8.2/37 kB Progress (2): 305 kB | 12/37 kB Progress (2): 305 kB | 16/37 kB Progress (2): 305 kB | 20/37 kB Progress (2): 305 kB | 25/37 kB Progress (2): 305 kB | 29/37 kB Progress (2): 305 kB | 33/37 kB Progress (2): 305 kB | 37 kB Progress (3): 305 kB | 37 kB | 4.1/134 kB Progress (3): 305 kB | 37 kB | 8.2/134 kB Progress (3): 305 kB | 37 kB | 12/134 kB Progress (3): 305 kB | 37 kB | 16/134 kB Progress (3): 305 kB | 37 kB | 20/134 kB Progress (3): 305 kB | 37 kB | 25/134 kB Progress (3): 305 kB | 37 kB | 29/134 kB Progress (3): 305 kB | 37 kB | 33/134 kB Progress (3): 305 kB | 37 kB | 37/134 kB Progress (3): 305 kB | 37 kB | 41/134 kB Progress (3): 305 kB | 37 kB | 45/134 kB Progress (3): 305 kB | 37 kB | 49/134 kB Progress (3): 305 kB | 37 kB | 53/134 kB Progress (3): 305 kB | 37 kB | 57/134 kB Progress (3): 305 kB | 37 kB | 61/134 kB Progress (3): 305 kB | 37 kB | 66/134 kB Progress (3): 305 kB | 37 kB | 70/134 kB Progress (3): 305 kB | 37 kB | 74/134 kB Progress (3): 305 kB | 37 kB | 78/134 kB Progress (3): 305 kB | 37 kB | 82/134 kB Progress (3): 305 kB | 37 kB | 86/134 kB Progress (3): 305 kB | 37 kB | 90/134 kB Progress (3): 305 kB | 37 kB | 94/134 kB Progress (3): 305 kB | 37 kB | 98/134 kB Progress (3): 305 kB | 37 kB | 102/134 kB Progress (3): 305 kB | 37 kB | 106/134 kB Progress (4): 305 kB | 37 kB | 106/134 kB | 4.1/215 kB Progress (4): 305 kB | 37 kB | 111/134 kB | 4.1/215 kB Progress (4): 305 kB | 37 kB | 111/134 kB | 8.2/215 kB Progress (4): 305 kB | 37 kB | 115/134 kB | 8.2/215 kB Progress (4): 305 kB | 37 kB | 115/134 kB | 12/215 kB Progress (4): 305 kB | 37 kB | 119/134 kB | 12/215 kB Progress (4): 305 kB | 37 kB | 119/134 kB | 16/215 kB Progress (4): 305 kB | 37 kB | 123/134 kB | 16/215 kB Progress (4): 305 kB | 37 kB | 127/134 kB | 16/215 kB Progress (4): 305 kB | 37 kB | 127/134 kB | 20/215 kB Progress (4): 305 kB | 37 kB | 131/134 kB | 20/215 kB Progress (4): 305 kB | 37 kB | 131/134 kB | 25/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 25/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 29/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 33/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 37/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 41/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 45/215 kB Progress (4): 305 kB | 37 kB | 134 kB | 49/215 kB Progress (5): 305 kB | 37 kB | 134 kB | 49/215 kB | 4.1/180 kB Progress (5): 305 kB | 37 kB | 134 kB | 53/215 kB | 4.1/180 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar (305 kB at 2.2 MB/s) Progress (4): 37 kB | 134 kB | 57/215 kB | 4.1/180 kB Progress (4): 37 kB | 134 kB | 57/215 kB | 8.2/180 kB Progress (4): 37 kB | 134 kB | 61/215 kB | 8.2/180 kB Downloading from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.jar Progress (4): 37 kB | 134 kB | 66/215 kB | 8.2/180 kB Progress (4): 37 kB | 134 kB | 66/215 kB | 12/180 kB Progress (4): 37 kB | 134 kB | 70/215 kB | 12/180 kB Progress (4): 37 kB | 134 kB | 70/215 kB | 16/180 kB Progress (4): 37 kB | 134 kB | 74/215 kB | 16/180 kB Progress (4): 37 kB | 134 kB | 78/215 kB | 16/180 kB Progress (4): 37 kB | 134 kB | 78/215 kB | 20/180 kB Progress (4): 37 kB | 134 kB | 78/215 kB | 25/180 kB Progress (4): 37 kB | 134 kB | 82/215 kB | 25/180 kB Progress (4): 37 kB | 134 kB | 82/215 kB | 29/180 kB Progress (4): 37 kB | 134 kB | 86/215 kB | 29/180 kB Progress (4): 37 kB | 134 kB | 86/215 kB | 33/180 kB Progress (4): 37 kB | 134 kB | 90/215 kB | 33/180 kB Progress (4): 37 kB | 134 kB | 94/215 kB | 33/180 kB Progress (4): 37 kB | 134 kB | 94/215 kB | 37/180 kB Progress (4): 37 kB | 134 kB | 94/215 kB | 41/180 kB Progress (4): 37 kB | 134 kB | 98/215 kB | 41/180 kB Progress (4): 37 kB | 134 kB | 98/215 kB | 45/180 kB Progress (4): 37 kB | 134 kB | 102/215 kB | 45/180 kB Progress (4): 37 kB | 134 kB | 102/215 kB | 49/180 kB Progress (4): 37 kB | 134 kB | 106/215 kB | 49/180 kB Progress (4): 37 kB | 134 kB | 106/215 kB | 53/180 kB Progress (4): 37 kB | 134 kB | 111/215 kB | 53/180 kB Progress (4): 37 kB | 134 kB | 111/215 kB | 57/180 kB Progress (4): 37 kB | 134 kB | 111/215 kB | 61/180 kB Progress (4): 37 kB | 134 kB | 115/215 kB | 61/180 kB Progress (4): 37 kB | 134 kB | 119/215 kB | 61/180 kB Progress (4): 37 kB | 134 kB | 119/215 kB | 66/180 kB Progress (4): 37 kB | 134 kB | 123/215 kB | 66/180 kB Progress (4): 37 kB | 134 kB | 123/215 kB | 70/180 kB Progress (4): 37 kB | 134 kB | 127/215 kB | 70/180 kB Progress (4): 37 kB | 134 kB | 127/215 kB | 74/180 kB Progress (4): 37 kB | 134 kB | 127/215 kB | 78/180 kB Progress (4): 37 kB | 134 kB | 131/215 kB | 78/180 kB Progress (4): 37 kB | 134 kB | 135/215 kB | 78/180 kB Progress (4): 37 kB | 134 kB | 135/215 kB | 82/180 kB Progress (4): 37 kB | 134 kB | 139/215 kB | 82/180 kB Progress (4): 37 kB | 134 kB | 143/215 kB | 82/180 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-dependency-tree/3.0.1/maven-dependency-tree-3.0.1.jar (37 kB at 255 kB/s) Progress (3): 134 kB | 143/215 kB | 86/180 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.jar Progress (3): 134 kB | 147/215 kB | 86/180 kB Progress (3): 134 kB | 147/215 kB | 90/180 kB Progress (3): 134 kB | 152/215 kB | 90/180 kB Progress (3): 134 kB | 152/215 kB | 94/180 kB Progress (3): 134 kB | 156/215 kB | 94/180 kB Progress (3): 134 kB | 160/215 kB | 94/180 kB Progress (3): 134 kB | 160/215 kB | 98/180 kB Progress (3): 134 kB | 160/215 kB | 102/180 kB Progress (3): 134 kB | 164/215 kB | 102/180 kB Progress (3): 134 kB | 164/215 kB | 106/180 kB Progress (3): 134 kB | 168/215 kB | 106/180 kB Progress (3): 134 kB | 168/215 kB | 111/180 kB Progress (3): 134 kB | 172/215 kB | 111/180 kB Progress (3): 134 kB | 176/215 kB | 111/180 kB Progress (3): 134 kB | 176/215 kB | 115/180 kB Progress (3): 134 kB | 176/215 kB | 119/180 kB Progress (3): 134 kB | 180/215 kB | 119/180 kB Progress (3): 134 kB | 180/215 kB | 123/180 kB Progress (3): 134 kB | 184/215 kB | 123/180 kB Progress (3): 134 kB | 184/215 kB | 127/180 kB Progress (3): 134 kB | 188/215 kB | 127/180 kB Progress (3): 134 kB | 193/215 kB | 127/180 kB Progress (3): 134 kB | 193/215 kB | 131/180 kB Progress (3): 134 kB | 193/215 kB | 135/180 kB Progress (3): 134 kB | 197/215 kB | 135/180 kB Progress (3): 134 kB | 197/215 kB | 139/180 kB Progress (3): 134 kB | 201/215 kB | 139/180 kB Progress (3): 134 kB | 201/215 kB | 143/180 kB Progress (3): 134 kB | 205/215 kB | 143/180 kB Progress (3): 134 kB | 209/215 kB | 143/180 kB Progress (3): 134 kB | 209/215 kB | 147/180 kB Progress (3): 134 kB | 213/215 kB | 147/180 kB Progress (3): 134 kB | 213/215 kB | 152/180 kB Progress (3): 134 kB | 215 kB | 152/180 kB Progress (3): 134 kB | 215 kB | 156/180 kB Progress (3): 134 kB | 215 kB | 160/180 kB Progress (3): 134 kB | 215 kB | 164/180 kB Progress (3): 134 kB | 215 kB | 168/180 kB Progress (3): 134 kB | 215 kB | 172/180 kB Progress (3): 134 kB | 215 kB | 176/180 kB Progress (3): 134 kB | 215 kB | 180 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.jar (134 kB at 897 kB/s) Progress (3): 215 kB | 180 kB | 4.1/85 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar Progress (3): 215 kB | 180 kB | 8.2/85 kB Progress (3): 215 kB | 180 kB | 12/85 kB Progress (3): 215 kB | 180 kB | 16/85 kB Progress (3): 215 kB | 180 kB | 20/85 kB Progress (3): 215 kB | 180 kB | 25/85 kB Progress (3): 215 kB | 180 kB | 29/85 kB Progress (3): 215 kB | 180 kB | 33/85 kB Progress (3): 215 kB | 180 kB | 37/85 kB Progress (3): 215 kB | 180 kB | 41/85 kB Progress (3): 215 kB | 180 kB | 45/85 kB Progress (3): 215 kB | 180 kB | 49/85 kB Progress (3): 215 kB | 180 kB | 53/85 kB Progress (3): 215 kB | 180 kB | 57/85 kB Progress (3): 215 kB | 180 kB | 61/85 kB Progress (3): 215 kB | 180 kB | 66/85 kB Progress (3): 215 kB | 180 kB | 70/85 kB Progress (3): 215 kB | 180 kB | 74/85 kB Progress (3): 215 kB | 180 kB | 78/85 kB Progress (3): 215 kB | 180 kB | 82/85 kB Progress (3): 215 kB | 180 kB | 85 kB Progress (4): 215 kB | 180 kB | 85 kB | 0/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.1/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Progress (4): 215 kB | 180 kB | 85 kB | 0.2/2.6 MB Downloaded from central: https://repo.maven.apache.org/maven2/org/vafer/jdependency/2.4.0/jdependency-2.4.0.jar (180 kB at 1.2 MB/s) Progress (3): 215 kB | 85 kB | 0.3/2.6 MB Downloading from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar Progress (3): 215 kB | 85 kB | 0.3/2.6 MB Progress (3): 215 kB | 85 kB | 0.3/2.6 MB Progress (3): 215 kB | 85 kB | 0.3/2.6 MB Progress (3): 215 kB | 85 kB | 0.3/2.6 MB Downloaded from central: https://repo.maven.apache.org/maven2/commons-io/commons-io/2.6/commons-io-2.6.jar (215 kB at 1.4 MB/s) Progress (2): 85 kB | 0.3/2.6 MB Progress (3): 85 kB | 0.3/2.6 MB | 4.1/4.6 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar Progress (3): 85 kB | 0.3/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.4/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.5/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.6/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.6/2.6 MB | 4.6 kB Progress (3): 85 kB | 0.6/2.6 MB | 4.6 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/ow2/asm/asm-util/8.0/asm-util-8.0.jar (85 kB at 536 kB/s) Progress (2): 0.6/2.6 MB | 4.6 kB Downloading from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar Progress (2): 0.6/2.6 MB | 4.6 kB Progress (2): 0.6/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.7/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.8/2.6 MB | 4.6 kB Progress (2): 0.9/2.6 MB | 4.6 kB Progress (2): 0.9/2.6 MB | 4.6 kB Progress (2): 0.9/2.6 MB | 4.6 kB Progress (2): 0.9/2.6 MB | 4.6 kB Progress (3): 0.9/2.6 MB | 4.6 kB | 2.2 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 4.1/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 8.2/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 12/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 12/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 16/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 16/20 kB Progress (4): 0.9/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.0/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.1/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.1/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.1/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.1/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Progress (4): 1.1/2.6 MB | 4.6 kB | 2.2 kB | 20 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar (4.6 kB at 28 kB/s) Progress (3): 1.1/2.6 MB | 2.2 kB | 20 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar Progress (4): 1.1/2.6 MB | 2.2 kB | 20 kB | 4.1/5.9 kB Progress (4): 1.1/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.2/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.3/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.4/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.5/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Progress (4): 1.6/2.6 MB | 2.2 kB | 20 kB | 5.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar (2.2 kB at 13 kB/s) Progress (3): 1.6/2.6 MB | 20 kB | 5.9 kB Downloading from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar Progress (3): 1.6/2.6 MB | 20 kB | 5.9 kB Progress (3): 1.6/2.6 MB | 20 kB | 5.9 kB Progress (3): 1.6/2.6 MB | 20 kB | 5.9 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar (20 kB at 117 kB/s) Progress (2): 1.6/2.6 MB | 5.9 kB Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.jar Progress (2): 1.7/2.6 MB | 5.9 kB Progress (2): 1.7/2.6 MB | 5.9 kB Progress (2): 1.7/2.6 MB | 5.9 kB Progress (2): 1.7/2.6 MB | 5.9 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 4.1/14 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 4.1/14 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 8.2/14 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 12/14 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 12/14 kB Progress (3): 1.7/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.8/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.9/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.9/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.9/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.9/2.6 MB | 5.9 kB | 14 kB Progress (3): 1.9/2.6 MB | 5.9 kB | 14 kB Downloaded from central: https://repo.maven.apache.org/maven2/org/checkerframework/checker-compat-qual/2.5.5/checker-compat-qual-2.5.5.jar (5.9 kB at 33 kB/s) Progress (2): 1.9/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.0/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.1/2.6 MB | 14 kB Progress (2): 2.2/2.6 MB | 14 kB Progress (2): 2.2/2.6 MB | 14 kB Progress (3): 2.2/2.6 MB | 14 kB | 4.1/8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.2/8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.8 kB Progress (3): 2.2/2.6 MB | 14 kB | 8.8 kB Progress (4): 2.2/2.6 MB | 14 kB | 8.8 kB | 4.1/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 4.1/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 8.2/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 12/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 16/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 16/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 20/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 25/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 25/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 29/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 33/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 33/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 37/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 41/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 41/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 41/500 kB Progress (4): 2.3/2.6 MB | 14 kB | 8.8 kB | 45/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 45/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 49/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 49/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 53/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 57/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 57/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 61/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 61/500 kB Progress (4): 2.4/2.6 MB | 14 kB | 8.8 kB | 66/500 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.3.4/error_prone_annotations-2.3.4.jar (14 kB at 77 kB/s) Progress (3): 2.4/2.6 MB | 8.8 kB | 66/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 70/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 74/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 74/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 78/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 82/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 86/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 90/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 94/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 98/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 102/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 106/500 kB Progress (3): 2.4/2.6 MB | 8.8 kB | 111/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 111/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 115/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 119/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 123/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 123/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 127/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 131/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 131/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 135/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 139/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 139/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 143/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 143/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 147/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 152/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 156/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 156/500 kB Progress (3): 2.5/2.6 MB | 8.8 kB | 160/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 160/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 164/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 168/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 172/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 172/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 176/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 176/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 180/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 184/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 188/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 188/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 193/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 193/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 197/500 kB Progress (3): 2.6/2.6 MB | 8.8 kB | 201/500 kB Progress (3): 2.6 MB | 8.8 kB | 201/500 kB Progress (3): 2.6 MB | 8.8 kB | 205/500 kB Progress (3): 2.6 MB | 8.8 kB | 209/500 kB Progress (3): 2.6 MB | 8.8 kB | 213/500 kB Progress (3): 2.6 MB | 8.8 kB | 217/500 kB Progress (3): 2.6 MB | 8.8 kB | 221/500 kB Progress (3): 2.6 MB | 8.8 kB | 225/500 kB Progress (3): 2.6 MB | 8.8 kB | 229/500 kB Progress (3): 2.6 MB | 8.8 kB | 233/500 kB Progress (3): 2.6 MB | 8.8 kB | 238/500 kB Progress (3): 2.6 MB | 8.8 kB | 242/500 kB Progress (3): 2.6 MB | 8.8 kB | 246/500 kB Progress (3): 2.6 MB | 8.8 kB | 250/500 kB Progress (3): 2.6 MB | 8.8 kB | 254/500 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/j2objc/j2objc-annotations/1.3/j2objc-annotations-1.3.jar (8.8 kB at 47 kB/s) Progress (2): 2.6 MB | 258/500 kB Progress (2): 2.6 MB | 262/500 kB Progress (2): 2.6 MB | 266/500 kB Progress (2): 2.6 MB | 270/500 kB Progress (2): 2.6 MB | 274/500 kB Progress (2): 2.6 MB | 279/500 kB Progress (2): 2.6 MB | 283/500 kB Progress (2): 2.6 MB | 287/500 kB Progress (2): 2.6 MB | 291/500 kB Progress (2): 2.6 MB | 295/500 kB Progress (2): 2.6 MB | 299/500 kB Progress (2): 2.6 MB | 303/500 kB Progress (2): 2.6 MB | 307/500 kB Progress (2): 2.6 MB | 311/500 kB Progress (2): 2.6 MB | 315/500 kB Progress (2): 2.6 MB | 319/500 kB Progress (2): 2.6 MB | 324/500 kB Progress (2): 2.6 MB | 328/500 kB Progress (2): 2.6 MB | 332/500 kB Progress (2): 2.6 MB | 336/500 kB Progress (2): 2.6 MB | 340/500 kB Progress (2): 2.6 MB | 344/500 kB Progress (2): 2.6 MB | 348/500 kB Progress (2): 2.6 MB | 352/500 kB Progress (2): 2.6 MB | 356/500 kB Progress (2): 2.6 MB | 360/500 kB Progress (2): 2.6 MB | 365/500 kB Progress (2): 2.6 MB | 369/500 kB Progress (2): 2.6 MB | 373/500 kB Progress (2): 2.6 MB | 377/500 kB Progress (2): 2.6 MB | 381/500 kB Progress (2): 2.6 MB | 385/500 kB Progress (2): 2.6 MB | 389/500 kB Progress (2): 2.6 MB | 393/500 kB Progress (2): 2.6 MB | 397/500 kB Progress (2): 2.6 MB | 401/500 kB Progress (2): 2.6 MB | 406/500 kB Progress (2): 2.6 MB | 410/500 kB Progress (2): 2.6 MB | 414/500 kB Progress (2): 2.6 MB | 418/500 kB Progress (2): 2.6 MB | 422/500 kB Progress (2): 2.6 MB | 426/500 kB Progress (2): 2.6 MB | 430/500 kB Progress (2): 2.6 MB | 434/500 kB Progress (2): 2.6 MB | 438/500 kB Progress (2): 2.6 MB | 442/500 kB Progress (2): 2.6 MB | 446/500 kB Progress (2): 2.6 MB | 451/500 kB Progress (2): 2.6 MB | 455/500 kB Progress (2): 2.6 MB | 459/500 kB Progress (2): 2.6 MB | 463/500 kB Progress (2): 2.6 MB | 467/500 kB Progress (2): 2.6 MB | 471/500 kB Progress (2): 2.6 MB | 475/500 kB Progress (2): 2.6 MB | 479/500 kB Progress (2): 2.6 MB | 483/500 kB Progress (2): 2.6 MB | 487/500 kB Progress (2): 2.6 MB | 492/500 kB Progress (2): 2.6 MB | 496/500 kB Progress (2): 2.6 MB | 500 kB Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/28.2-android/guava-28.2-android.jar (2.6 MB at 14 MB/s) Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.7/commons-lang3-3.7.jar (500 kB at 2.5 MB/s) [INFO] Including io.github.stuartwdouglas.hacbs-test.simple:simple-jdk17:jar:0.1.2 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.shaded:shaded-jdk11:jar:1.9 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.simple:simple-jdk8:jar:1.2.4 in the shaded jar. [INFO] Including io.github.stuartwdouglas.hacbs-test.gradle:hacbs-test-simple-gradle-jdk8:jar:1.1 in the shaded jar. [WARNING] hacbs-test-simple-gradle-jdk8-1.1.jar, hacbs-test.jar, shaded-jdk11-1.9.jar, simple-jdk17-0.1.2.jar, simple-jdk8-1.2.4.jar define 1 overlapping resource: [WARNING] - META-INF/MANIFEST.MF [WARNING] shaded-jdk11-1.9.jar, simple-jdk8-1.2.4.jar define 3 overlapping classes and resources: [WARNING] - META-INF/maven/io.github.stuartwdouglas.hacbs-test.simple/simple-jdk8/pom.properties [WARNING] - META-INF/maven/io.github.stuartwdouglas.hacbs-test.simple/simple-jdk8/pom.xml [WARNING] - io.github.stuartwdouglas.hacbstest.simple.simplejdk8.Placeholder [WARNING] maven-shade-plugin has detected that some class files are [WARNING] present in two or more JARs. When this happens, only one [WARNING] single version of the class is copied to the uber jar. [WARNING] Usually this is not harmful and you can skip these warnings, [WARNING] otherwise try to manually exclude artifacts based on [WARNING] mvn dependency:tree -Ddetail=true and the above output. [WARNING] See http://maven.apache.org/plugins/maven-shade-plugin/ [INFO] Replacing original artifact with shaded artifact. [INFO] Replacing /work/target/hacbs-test.jar with /work/target/simple-java-project-1.0-SNAPSHOT-shaded.jar [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 7.551 s [INFO] Finished at: 2025-09-12T13:28:53Z [INFO] ------------------------------------------------------------------------ [2/2] STEP 1/9: FROM registry.access.redhat.com/ubi8/openjdk-17-runtime:1.13 [2/2] STEP 2/9: USER 185 [2/2] STEP 3/9: WORKDIR /work/ [2/2] STEP 4/9: COPY --from=builder /work/target/hacbs-test.jar /deployments [2/2] STEP 5/9: EXPOSE 8081 [2/2] STEP 6/9: ENV AB_JOLOKIA_OFF="" [2/2] STEP 7/9: ENV JAVA_APP_JAR="/deployments/hacbs-test.jar" [2/2] STEP 8/9: COPY labels.json /root/buildinfo/labels.json [2/2] STEP 9/9: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="5317705287d427a5b8ea6186aaebec2fce6ccb89" "quay.expires-after"="5d" "build-date"="2025-09-12T13:28:20Z" [2/2] COMMIT quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 --> 264dc285dc2a Successfully tagged quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 264dc285dc2a9f1830a26f085bb4bf1801239c95487d1ce20a94ad7cbd3eda0f [2025-09-12T13:29:01,275881004+00:00] Unsetting proxy [2025-09-12T13:29:01,276958463+00:00] Add metadata Recording base image digests used registry.access.redhat.com/ubi8/openjdk-17:1.13 registry.access.redhat.com/ubi8/openjdk-17:1.13@sha256:774fc45231657c73ada4d22d1f12bbf88206da2d49d982404bd8fd95db8482b7 registry.access.redhat.com/ubi8/openjdk-17-runtime:1.13 registry.access.redhat.com/ubi8/openjdk-17-runtime:1.13@sha256:335cbd019538a8a1f5e70e7a32fad2928fb9e6c2bef47bea7d506c0b779946e2 Getting image source signatures Copying blob sha256:ec672bd9d6b4c01b243d156df5e6956596efcc1a9a5c04d5adb5e0f84b6e7e85 Copying blob sha256:dff9f8de74c048baca326e1d79db28e7615e8e96497c630177c53e61bbd2f906 Copying blob sha256:e34e3bdec2768c1b351fdcc47094e9e345a7e1c2115d667549e76a02ed282d3c Copying blob sha256:7cda6ce113beb1259d6bfcc07aec67b8bfe7bde8dba632c478befb5ff9c3f49a Copying config sha256:264dc285dc2a9f1830a26f085bb4bf1801239c95487d1ce20a94ad7cbd3eda0f Writing manifest to image destination [2025-09-12T13:29:07,651735495+00:00] End build pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | container step-push: [2025-09-12T13:29:08,517546227+00:00] Update CA trust INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' [2025-09-12T13:29:11,168773459+00:00] Convert image [2025-09-12T13:29:11,169714897+00:00] Push image with unique tag Pushing to quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:test-component-pac-vrbmoe-on-pull-request-z4gzf-build-container Executing: buildah push --format=oci --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 docker://quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:test-component-pac-vrbmoe-on-pull-request-z4gzf-build-container [2025-09-12T13:30:07,387380893+00:00] Push image with git revision Pushing to quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 Executing: buildah push --format=oci --retry 3 --tls-verify=true --digestfile /workspace/source/image-digest quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 docker://quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 [2025-09-12T13:30:08,765499815+00:00] End push pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | container step-sbom-syft-generate: [2025-09-12T13:30:09,190526177+00:00] Generate SBOM Running syft on the source directory [0000] WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) Running syft on the image [2025-09-12T13:30:15,264742690+00:00] End sbom-syft-generate pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | container step-prepare-sboms: [2025-09-12T13:30:15,320607750+00:00] Prepare SBOM [2025-09-12T13:30:15,325219617+00:00] Generate SBOM with mobster 2025-09-12 13:30:16,598 [INFO] mobster.log: Logging level set to 20 2025-09-12 13:30:16,692 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-alsa-lib-9d77ba396df35e84', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-audit-libs-613112d87e762c39', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-avahi-libs-3febfbbce2b89edc', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-basesystem-a566ed9debd00cc2', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-bash-f8c0737ab04347d2', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-bzip2-libs-8e2251ccb4e65cc7', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-ca-certificates-3997b1fee080fe09', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-chkconfig-7be58b3ac5ca739b', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-copy-jdk-configs-3e014a7012c53701', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-coreutils-single-02ee1f3bb7661cd4', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-crypto-policies-7558551f237a46fb', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-crypto-policies-scripts-bac04ea2d7fe6533', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-and-zlib. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-and-zlib', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-cups-libs-e05ea1209e50a10e', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-and-zlib', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-with-advertising. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-with-advertising', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-cyrus-sasl-lib-b62be623a0a6b6c8', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-with-advertising', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef--GPLv2--or-AFL--and-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef--GPLv2--or-AFL--and-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-dbus-libs-da53d086e727c9af', element_type=, full_element=LicenseSymbol('LicenseRef--GPLv2--or-AFL--and-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2--or-LGPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2--or-LGPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-elfutils-libelf-5332e6624d30a063', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2--or-LGPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-file-libs-b2b1e90074e174bb', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-filesystem-9a702baa1d7ccc3c', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-findutils-23ed2a56866c95e1', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef--FTL-or-GPLv2---and-BSD-and-MIT-and-Public-Domain-and-zlib-with-acknowledgement. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef--FTL-or-GPLv2---and-BSD-and-MIT-and-Public-Domain-and-zlib-with-acknowledgement', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-freetype-7db4aa0cad1ed160', element_type=, full_element=LicenseSymbol('LicenseRef--FTL-or-GPLv2---and-BSD-and-MIT-and-Public-Domain-and-zlib-with-acknowledgement', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3--and-GPLv2--and-LGPLv2--and-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3--and-GPLv2--and-LGPLv2--and-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gawk-b136a6b20e37bb61', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3--and-GPLv2--and-LGPLv2--and-BSD', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gdbm-171e2223568efd8c', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gdbm-libs-30ffa54c80024397', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-glib2-b52e89f0bda92bce', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-glibc-06514ebcdadf613c', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-glibc-common-ceb0e80a78c03fce', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-glibc-minimal-langpack-44644ae9d06e21e4', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-LGPLv2--with-exceptions-and-GPLv2--and-GPLv2--with-exceptions-and-BSD-and-Inner-Net-and-ISC-and-Public-Domain-and-GFDL', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv3--or-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv3--or-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gmp-e5d88b6bc229304a', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv3--or-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gnupg2-f6bf1d265992db14', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3--and-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3--and-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gnutls-d804e74a3c9e74f4', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3--and-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2---LGPLv2---MIT. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2---LGPLv2---MIT', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gobject-introspection-ba8b5797748d28ee', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2---LGPLv2---MIT', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-pubkey. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-pubkey', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gpg-pubkey-f5c8d56c75754b5f', element_type=, full_element=LicenseSymbol('LicenseRef-pubkey', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-pubkey. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-pubkey', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gpg-pubkey-5e92656c47f48ecf', element_type=, full_element=LicenseSymbol('LicenseRef-pubkey', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-gpgme-4c577ac790f6c4ca', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef--LGPLv2--or-GPLv2--or-MPL--and--Netscape-or-GPLv2--or-LGPLv2--. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef--LGPLv2--or-GPLv2--or-MPL--and--Netscape-or-GPLv2--or-LGPLv2--', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-graphite2-6a95c8d364afa3b1', element_type=, full_element=LicenseSymbol('LicenseRef--LGPLv2--or-GPLv2--or-MPL--and--Netscape-or-GPLv2--or-LGPLv2--', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-grep-62748f1cf59e78e0', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-info-0c240782403012b9', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-ASL-1.1-and-ASL-2.0-and-BSD-and-BSD-with-advertising-and-GPL--and-GPLv2-and-GPLv2-with-exceptions-and-IJG-and-LGPLv2--and-MIT-and-MPLv2.0-and-Public-Domain-and-W3C-and-zlib-and-ISC-and-FTL-and-RSA. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-ASL-1.1-and-ASL-2.0-and-BSD-and-BSD-with-advertising-and-GPL--and-GPLv2-and-GPLv2-with-exceptions-and-IJG-and-LGPLv2--and-MIT-and-MPLv2.0-and-Public-Domain-and-W3C-and-zlib-and-ISC-and-FTL-and-RSA', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-java-17-openjdk-headless-0b824029d8e1d4b4', element_type=, full_element=LicenseSymbol('LicenseRef-ASL-1.1-and-ASL-2.0-and-BSD-and-BSD-with-advertising-and-GPL--and-GPLv2-and-GPLv2-with-exceptions-and-IJG-and-LGPLv2--and-MIT-and-MPLv2.0-and-Public-Domain-and-W3C-and-zlib-and-ISC-and-FTL-and-RSA', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-javapackages-filesystem-bf9dfedb10f8c056', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-json-glib-c268f72ac3a7ab82', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2--and-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2--and-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-keyutils-libs-fb339dfb8f3e27ca', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2--and-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-langpacks-en-7f497674d4f61708', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libacl-d9b2f355148105f9', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,693 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libarchive-32edcfc0b90b8038', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libassuan-910cdaee48cf27ae', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libattr-8bc69a810e8f2b1b', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libblkid-7da9986d693e5d75', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-or-GPLv2. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-or-GPLv2', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libcap-2af481b3224ee864', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-or-GPLv2', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libcap-ng-6cda48dc144381c6', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-and-LGPLv2-and-Sleepycat. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-and-LGPLv2-and-Sleepycat', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libdb-52cca3419957fd34', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-and-LGPLv2-and-Sleepycat', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-and-LGPLv2-and-Sleepycat. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-and-LGPLv2-and-Sleepycat', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libdb-utils-45fc3af425104573', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-and-LGPLv2-and-Sleepycat', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libdnf-ccae69a8f1bf26b4', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libgcc-ba5d65a6c060f2a4', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libgcrypt-e14cd65dc8caf2e1', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libgpg-error-f6401be289a29951', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef--GPLv2--or-LGPLv3---and-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef--GPLv2--or-LGPLv3---and-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libidn2-e9cc720df2ba47f6', element_type=, full_element=LicenseSymbol('LicenseRef--GPLv2--or-LGPLv3---and-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef--LGPLv3--or-GPLv2---and-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef--LGPLv3--or-GPLv2---and-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libksba-c458c69039ddf9a9', element_type=, full_element=LicenseSymbol('LicenseRef--LGPLv3--or-GPLv2---and-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libmount-b2602aa040563c45', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-and-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-and-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libnsl2-974a9a618fb001f2', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-and-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libpeas-392f0a5fcadeebb2', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-librepo-1edd83592cb43f21', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-librhsm-0e43b0ba87052b0c', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libselinux-741765cd1a185d2d', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libsemanage-a43082f978972d87', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libsepol-eaf59e7be20c7d3e', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libsigsegv-d10251040527a1d2', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libsmartcols-3a88de361adcb22b', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libsolv-21f244cf9f97047c', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libssh-2a822b50c08c6dbc', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libssh-config-7242e01e7ce6f34c', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libstdc---42c2775b99d995f0', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3--and-GPLv3--with-exceptions-and-GPLv2--with-exceptions-and-LGPLv2--and-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3--and-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3--and-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libtasn1-bc7e0f562ad0af38', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3--and-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-SISSL-and-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-SISSL-and-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libtirpc-45c08f330b57c72c', element_type=, full_element=LicenseSymbol('LicenseRef-SISSL-and-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2--or-LGPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2--or-LGPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libunistring-15d0b38d72c007b5', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2--or-LGPLv3-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libusbx-2f4c2ad8310540ef', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libuuid-f027380152a9ab5d', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-BSD-and-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-BSD-and-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libxcrypt-b9df6c919c8ec343', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-BSD-and-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-and-GPLv2. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-and-GPLv2', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-libzstd-1ed86a8e00e9ac03', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-and-GPLv2', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2-and-GPLv2--and-LGPLv2-and-MIT. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2-and-GPLv2--and-LGPLv2-and-MIT', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-lksctp-tools-a9940d3a6246983b', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2-and-GPLv2--and-LGPLv2-and-MIT', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2--and-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2--and-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-lz4-libs-3a9e7d2273c9bbfb', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2--and-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-microdnf-ca0883d7a6cb4e50', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv3--and-GPLv3--and-GFDL. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv3--and-GPLv3--and-GFDL', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-mpfr-175ae5bab65df163', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv3--and-GPLv3--and-GFDL', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv3--or-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv3--or-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nettle-3e6d10a0bd45cd13', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv3--or-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-npth-49e61fbd0ece437a', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2-', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nspr-495ca63cbb5d2da8', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nss-99732969244796ee', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nss-softokn-5d5585da8d6d7b5b', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nss-softokn-freebl-8a795f2d88fba428', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nss-sysinit-95eddc7ee1ffcc88', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-nss-util-06368e0fd4fc989a', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-OpenLDAP. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-OpenLDAP', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-openldap-6604d79f06e6a6ea', element_type=, full_element=LicenseSymbol('LicenseRef-OpenLDAP', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-OpenSSL-and-ASL-2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-OpenSSL-and-ASL-2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-openssl-libs-9c2496b95b339aa1', element_type=, full_element=LicenseSymbol('LicenseRef-OpenSSL-and-ASL-2.0', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-p11-kit-02fdbe376d7ff60e', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-p11-kit-trust-6f36c2fb68f0d025', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-pcre-b69f47803eba9ba3', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,694 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-pcre2-94338f073bbafec3', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Python. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Python', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-platform-python-1d506ef7d1cf0ec1', element_type=, full_element=LicenseSymbol('LicenseRef-Python', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MPLv2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MPLv2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-publicsuffix-list-dafsa-1dd4b2b010fd6827', element_type=, full_element=LicenseSymbol('LicenseRef-MPLv2.0', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Python. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Python', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-python3-libs-ba1fca08c50385c8', element_type=, full_element=LicenseSymbol('LicenseRef-Python', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-MIT-and-Python-and-ASL-2.0-and-BSD-and-ISC-and-LGPLv2-and-MPLv2.0-and--ASL-2.0-or-BSD-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-MIT-and-Python-and-ASL-2.0-and-BSD-and-ISC-and-LGPLv2-and-MPLv2.0-and--ASL-2.0-or-BSD-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-python3-pip-wheel-b96891273d3abf6c', element_type=, full_element=LicenseSymbol('LicenseRef-MIT-and-Python-and-ASL-2.0-and-BSD-and-ISC-and-LGPLv2-and-MPLv2.0-and--ASL-2.0-or-BSD-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-readline-896d39f632606396', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-redhat-release-7d59ee0a93ee89c5', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-rootfiles-a1463735fcbe5d88', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-rpm-2f9cf95da4a08874', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv2--and-LGPLv2--with-exceptions. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv2--and-LGPLv2--with-exceptions', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-rpm-libs-37c981540b240e5c', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv2--and-LGPLv2--with-exceptions', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-rsync-1311e1dbd1b331f6', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-sed-a7c3ddd7a84ee0a5', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-setup-6029852eadf262c8', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-UNKNOWN. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-UNKNOWN', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-python-setuptools-6ba7a1875f9b0bd8', element_type=, full_element=LicenseSymbol('LicenseRef-UNKNOWN', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD-and-GPLv2-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD-and-GPLv2-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-shadow-utils-b3f10928bc4724c5', element_type=, full_element=LicenseSymbol('LicenseRef-BSD-and-GPLv2-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-The-Apache-Software-License--Version-2.0. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-The-Apache-Software-License--Version-2.0', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-java-archive-simple-jdk8-a780a92ccbcbd91a', element_type=, full_element=LicenseSymbol('LicenseRef-The-Apache-Software-License--Version-2.0', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-sqlite-libs-a9b26c5c64fb3721', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-LGPLv2--and-MIT. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-LGPLv2--and-MIT', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-systemd-libs-e2fb44fa2a503830', element_type=, full_element=LicenseSymbol('LicenseRef-LGPLv2--and-MIT', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-GPLv3-. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-GPLv3-', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-tar-abe2e7d85476bfe0', element_type=, full_element=LicenseSymbol('LicenseRef-GPLv3-', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-tzdata-31c5f3c5f60c20b0', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-tzdata-java-a9f248ba25a315c4', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-BSD. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-BSD', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-unzip-d8a1209f702b5011', element_type=, full_element=LicenseSymbol('LicenseRef-BSD', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-Public-Domain. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-Public-Domain', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-xz-libs-e91578fe83af8db0', element_type=, full_element=LicenseSymbol('LicenseRef-Public-Domain', is_exception=False))) 2025-09-12 13:30:16,695 [WARNING] mobster.cmd.generate.oci_image: ValidationMessage(validation_message='Unrecognized license reference: LicenseRef-zlib-and-Boost. license_expression must only use IDs from the license list or extracted licensing info, but is: LicenseRef-zlib-and-Boost', context=ValidationContext(spdx_id=None, parent_id='SPDXRef-Package-rpm-zlib-cddb82e3b97b6765', element_type=, full_element=LicenseSymbol('LicenseRef-zlib-and-Boost', is_exception=False))) 2025-09-12 13:30:16,717 [INFO] mobster.main: Exiting with code 0. [2025-09-12T13:30:16,783957225+00:00] End prepare-sboms pod: test-component-pac-vrbmoe-o03297d3c2217afc553582eb4e4ef9857-pod | container step-upload-sbom: [2025-09-12T13:30:17,273148128+00:00] Upload SBOM INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' Using token for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe Pushing sbom to registry Executing: cosign attach sbom --sbom sbom.json --type spdx quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89@sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe@sha256:22c66b51f49ee66d17e1e1019469da8effd4f1947c759486e92814fc659e4ed7 [2025-09-12T13:30:20,192930671+00:00] End upload-sbom pod: test-component-pac-vrbmoe-o5d0d9c5bc2986b2e0574eee2b442f115-pod | init container: prepare 2025/09/12 13:30:58 Entrypoint initialization pod: test-component-pac-vrbmoe-o5d0d9c5bc2986b2e0574eee2b442f115-pod | init container: place-scripts 2025/09/12 13:31:01 Decoded script /tekton/scripts/script-0-qcjfm pod: test-component-pac-vrbmoe-o5d0d9c5bc2986b2e0574eee2b442f115-pod | init container: working-dir-initializer pod: test-component-pac-vrbmoe-o5d0d9c5bc2986b2e0574eee2b442f115-pod | container step-push: [2025-09-12T13:31:07,438772865+00:00] Validate context path Selecting auth for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 Using token for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe Pushing Dockerfile to registry Executing: oras push --no-tty --format json --registry-config /tmp/tmp.NmDLyXwD8w --artifact-type application/vnd.konflux.dockerfile quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:sha256-565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072.dockerfile Dockerfile pod: test-component-pac-vrbmoe-o769ad1f3d72612b4303148ec2132fc25-pod | init container: prepare 2025/09/12 13:30:36 Entrypoint initialization pod: test-component-pac-vrbmoe-o769ad1f3d72612b4303148ec2132fc25-pod | init container: place-scripts 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-0-rvwsb 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-1-cnddf pod: test-component-pac-vrbmoe-o769ad1f3d72612b4303148ec2132fc25-pod | init container: working-dir-initializer pod: test-component-pac-vrbmoe-o769ad1f3d72612b4303148ec2132fc25-pod | container step-sast-snyk-check: INFO: The PROJECT_NAME used is: test-component-pac-vrbmoe INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt '/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt' {"result":"SKIPPED","timestamp":"2025-09-12T13:31:01+00:00","note":"Task sast-snyk-check skipped: If you wish to use the Snyk code SAST task, please create a secret name snyk-secret with the key 'snyk_token' containing the Snyk token by following the steps given [here](https://konflux-ci.dev/docs/testing/build/snyk/)","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-component-pac-vrbmoe-o769ad1f3d72612b4303148ec2132fc25-pod | container step-upload: No sast_snyk_check_out.sarif exists. Skipping upload. No excluded-findings.json exists. Skipping upload. pod: test-component-pac-vrbmoe-o9678abce1994eae9f92f623a1a524dea-pod | init container: prepare 2025/09/12 13:31:40 Entrypoint initialization pod: test-component-pac-vrbmoe-o9678abce1994eae9f92f623a1a524dea-pod | init container: place-scripts 2025/09/12 13:31:40 Decoded script /tekton/scripts/script-0-pcst2 pod: test-component-pac-vrbmoe-o9678abce1994eae9f92f623a1a524dea-pod | container step-appstudio-summary: Build Summary: Build repository: https://github.com/redhat-appstudio-qe/konflux-test-integration?rev=5317705287d427a5b8ea6186aaebec2fce6ccb89 Generated Image is in : quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 End Summary pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | init container: prepare 2025/09/12 13:30:36 Entrypoint initialization pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | init container: place-scripts 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-0-9pw8s 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-1-k6s9x 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-2-wz2pw 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-3-ddj2q 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-4-lrfd4 2025/09/12 13:30:37 Decoded script /tekton/scripts/script-5-ndshw pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-introspect: Artifact type will be determined by introspection. Checking the media type of the OCI artifact... Executing: skopeo inspect --raw --retry-times 3 docker://quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 The media type of the OCI artifact is application/vnd.oci.image.manifest.v1+json. Looking for image labels that indicate this might be an operator bundle... Executing: skopeo inspect --retry-times 3 docker://quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 Found 0 matching labels. Expecting 3 or more to identify this image as an operator bundle. Introspection concludes that this artifact is of type "application". pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-generate-container-auth: Selecting auth for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 Using token for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe Auth json written to "/auth/auth.json". pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-set-skip-for-bundles: 2025/09/12 13:30:52 INFO Step was skipped due to when expressions were evaluated to false. pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-app-check: time="2025-09-12T13:30:53Z" level=info msg="certification library version" version="1.14.1 " time="2025-09-12T13:30:53Z" level=info msg="running checks for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 for platform amd64" time="2025-09-12T13:30:53Z" level=info msg="target image" image="quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89" time="2025-09-12T13:31:01Z" level=info msg="check completed" check=HasLicense result=FAILED time="2025-09-12T13:31:01Z" level=info msg="check completed" check=HasUniqueTag result=PASSED time="2025-09-12T13:31:01Z" level=info msg="check completed" check=LayerCountAcceptable result=PASSED time="2025-09-12T13:31:01Z" level=info msg="check completed" check=HasNoProhibitedPackages result=PASSED time="2025-09-12T13:31:01Z" level=info msg="check completed" check=HasRequiredLabel result=PASSED time="2025-09-12T13:31:01Z" level=info msg="USER 185 specified that is non-root" check=RunAsNonRoot time="2025-09-12T13:31:01Z" level=info msg="check completed" check=RunAsNonRoot result=PASSED time="2025-09-12T13:31:08Z" level=info msg="check completed" check=HasModifiedFiles result=PASSED time="2025-09-12T13:31:10Z" level=info msg="check completed" check=BasedOnUbi result=PASSED time="2025-09-12T13:31:10Z" level=info msg="This image's tag on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89 will be paired with digest sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 once this image has been published in accordance with Red Hat Certification policy. You may then add or remove any supplemental tags through your Red Hat Connect portal as you see fit." { "image": "quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89", time="2025-09-12T13:31:10Z" level=info msg="Preflight result: FAILED" "passed": false, "test_library": { "name": "github.com/redhat-openshift-ecosystem/openshift-preflight", "version": "1.14.1", "commit": "436b6cd740f4144eba59ad1378be00383c7b0269" }, "results": { "passed": [ { "name": "HasUniqueTag", "elapsed_time": 0, "description": "Checking if container has a tag other than 'latest', so that the image can be uniquely identified." }, { "name": "LayerCountAcceptable", "elapsed_time": 0, "description": "Checking if container has less than 40 layers. Too many layers within the container images can degrade container performance." }, { "name": "HasNoProhibitedPackages", "elapsed_time": 39, "description": "Checks to ensure that the image in use does not include prohibited packages, such as Red Hat Enterprise Linux (RHEL) kernel packages." }, { "name": "HasRequiredLabel", "elapsed_time": 0, "description": "Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata" }, { "name": "RunAsNonRoot", "elapsed_time": 0, "description": "Checking if container runs as the root user because a container that does not specify a non-root user will fail the automatic certification, and will be subject to a manual review before the container can be approved for publication" }, { "name": "HasModifiedFiles", "elapsed_time": 7022, "description": "Checks that no files installed via RPM in the base Red Hat layer have been modified" }, { "name": "BasedOnUbi", "elapsed_time": 1271, "description": "Checking if the container's base image is based upon the Red Hat Universal Base Image (UBI)" } ], "failed": [ { "name": "HasLicense", "elapsed_time": 0, "description": "Checking if terms and conditions applicable to the software including open source licensing information are present. The license must be at /licenses", "help": "Check HasLicense encountered an error. Please review the preflight.log file for more information.", "suggestion": "Create a directory named /licenses and include all relevant licensing and/or terms and conditions as text file(s) in that directory.", "knowledgebase_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction", "check_url": "https://access.redhat.com/documentation/en-us/red_hat_software_certification/2024/html-single/red_hat_openshift_software_certification_policy_guide/index#assembly-requirements-for-container-images_openshift-sw-cert-policy-introduction" } ], "errors": [] } } pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-app-set-outcome: {"result":"FAILURE","timestamp":"1757683870","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: test-component-pac-vrbmoe-oa82c7cb3a97508eaa9033b8d07cae725-pod | container step-final-outcome: + [[ ! -f /mount/konflux.results.json ]] + tee /tekton/steps/step-final-outcome/results/test-output {"result":"FAILURE","timestamp":"1757683870","note":"Task preflight is a FAILURE: Refer to Tekton task logs for more information","successes":7,"failures":1,"warnings":0} pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-apply-tags-pod | init container: prepare 2025/09/12 13:30:56 Entrypoint initialization pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-apply-tags-pod | init container: place-scripts 2025/09/12 13:31:01 Decoded script /tekton/scripts/script-0-v4tw9 2025/09/12 13:31:01 Decoded script /tekton/scripts/script-1-tm8kj pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-apply-tags-pod | container step-apply-additional-tags-from-parameter: No additional tags parameter specified pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-apply-tags-pod | container step-apply-additional-tags-from-image-label: No additional tags specified in the image labels pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | init container: prepare 2025/09/12 13:30:35 Entrypoint initialization pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | init container: place-scripts 2025/09/12 13:30:36 Decoded script /tekton/scripts/script-0-cbmq4 2025/09/12 13:30:36 Decoded script /tekton/scripts/script-1-jrhc7 2025/09/12 13:30:36 Decoded script /tekton/scripts/script-2-xh46g 2025/09/12 13:30:36 Decoded script /tekton/scripts/script-3-9d2kw pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | container step-get-image-manifests: Inspecting raw image manifest quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe@sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072. pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | container step-get-vulnerabilities: Running clair-action on amd64 image manifest... 2025-09-12T13:30:51Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"}] 2025-09-12T13:30:51Z INF libvuln initialized component=libvuln/New 2025-09-12T13:30:53Z INF registered configured scanners component=libindex/New 2025-09-12T13:30:53Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2025-09-12T13:30:53Z INF index request start component=libindex/Libindex.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 2025-09-12T13:30:53Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 2025-09-12T13:30:53Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=CheckManifest 2025-09-12T13:30:53Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=FetchLayers 2025-09-12T13:30:54Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=FetchLayers 2025-09-12T13:30:54Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=FetchLayers 2025-09-12T13:30:54Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=ScanLayers 2025-09-12T13:30:54Z INF found buildinfo Dockerfile component=rhel/rhcc/scanner.Scan kind=package layer=sha256:8ca21e5fedc58b98be949cf3ddc647cb6a00cfc555df1bbfe6431ce4b7599730 manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 path=root/buildinfo/Dockerfile-ubi8-minimal-8.6-751 scanner=rhel_containerscanner state=ScanLayers 2025-09-12T13:30:54Z INF found buildinfo Dockerfile component=rhel/rhcc/scanner.Scan kind=package layer=sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192 manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 path=root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.13-1.1655306380 scanner=rhel_containerscanner state=ScanLayers 2025-09-12T13:30:54Z INF skipping jar component=java/Scanner.Scan file=usr/lib/jvm/java-17-openjdk-17.0.3.0.7-2.el8_6.x86_64/lib/jrt-fs.jar kind=package layer=sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192 manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 reason="jar: unidentified jar: jrt-fs.jar" scanner=java state=ScanLayers version=6 2025-09-12T13:30:55Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=ScanLayers 2025-09-12T13:30:55Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=IndexManifest 2025-09-12T13:30:55Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=IndexFinished 2025-09-12T13:30:55Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 state=IndexFinished 2025-09-12T13:30:55Z INF index request done component=libindex/Libindex.Index manifest=sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 { "manifest_hash": "sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072", "packages": { "+FFDF1L07rB99e4UL9WB+A==": { "id": "+FFDF1L07rB99e4UL9WB+A==", "name": "java-17-openjdk-headless", "version": "1:17.0.3.0.7-2.el8_6", "kind": "binary", "source": { "id": "", "name": "java-17-openjdk", "version": "17.0.3.0.7-2.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+TWRS5lpqtsI5jIjRZP70w==": { "id": "+TWRS5lpqtsI5jIjRZP70w==", "name": "alsa-lib", "version": "1.2.6.1-3.el8", "kind": "binary", "source": { "id": "", "name": "alsa-lib", "version": "1.2.6.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+XM+s3niWaEk1U5jnR5DpA==": { "id": "+XM+s3niWaEk1U5jnR5DpA==", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+Xr7HyTxXf0c8jLaUyo3xA==": { "id": "+Xr7HyTxXf0c8jLaUyo3xA==", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+oTt3EDPSdSzupH3D6G0BA==": { "id": "+oTt3EDPSdSzupH3D6G0BA==", "name": "lz4-libs", "version": "1.8.3-3.el8_4", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.8.3-3.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/hlOG6wgqZ0r/gMNh7kyZQ==": { "id": "/hlOG6wgqZ0r/gMNh7kyZQ==", "name": "dbus-libs", "version": "1:1.12.8-18.el8", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-18.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/nOgP+HpRWzSY9fEcmr6JQ==": { "id": "/nOgP+HpRWzSY9fEcmr6JQ==", "name": "python3-pip-wheel", "version": "9.0.3-22.el8", "kind": "binary", "source": { "id": "", "name": "python-pip", "version": "9.0.3-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "/uiu4k91jQyip2jGTInzAg==": { "id": "/uiu4k91jQyip2jGTInzAg==", "name": "gdbm-libs", "version": "1:1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0x/GRqZgisb/k2Y9co6i/Q==": { "id": "0x/GRqZgisb/k2Y9co6i/Q==", "name": "setup", "version": "2.12.2-6.el8", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.12.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "1gormAsAjMuks2JveQRd0Q==": { "id": "1gormAsAjMuks2JveQRd0Q==", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2k8BSFOOZ2ndA++n5wl4TA==": { "id": "2k8BSFOOZ2ndA++n5wl4TA==", "name": "glibc-common", "version": "2.28-189.1.el8", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-189.1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "2w5sZgHYUcx7+6n/wISUjw==": { "id": "2w5sZgHYUcx7+6n/wISUjw==", "name": "tzdata", "version": "2022a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2022a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "3OVNevSm98h4f1fmX4IZwQ==": { "id": "3OVNevSm98h4f1fmX4IZwQ==", "name": "org.example:simple-java-project", "version": "1.0-SNAPSHOT", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "3uSX4NgBxQvC8LEk48QoOQ==": { "id": "3uSX4NgBxQvC8LEk48QoOQ==", "name": "cyrus-sasl-lib", "version": "2.1.27-6.el8_5", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-6.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "45rvgYmy022Tx6fVWfking==": { "id": "45rvgYmy022Tx6fVWfking==", "name": "publicsuffix-list-dafsa", "version": "20180723-1.el8", "kind": "binary", "source": { "id": "", "name": "publicsuffix-list", "version": "20180723-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "47OMpR7yEmE4lttsyWq3fw==": { "id": "47OMpR7yEmE4lttsyWq3fw==", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4sG4bBloak5Sz907ZDRs6Q==": { "id": "4sG4bBloak5Sz907ZDRs6Q==", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "binary", "source": { "id": "", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5Mcqv1rmwAoEs983fcq1cg==": { "id": "5Mcqv1rmwAoEs983fcq1cg==", "name": "glibc", "version": "2.28-189.1.el8", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-189.1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "67DLnC895xbDFuD3MGhCtQ==": { "id": "67DLnC895xbDFuD3MGhCtQ==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk8", "version": "1.2.4", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "6KnijwRsfeerWmf5Zl8NWw==": { "id": "6KnijwRsfeerWmf5Zl8NWw==", "name": "sed", "version": "4.5-5.el8", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.5-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6NQw1cV8s7CyqFCaiHFA6g==": { "id": "6NQw1cV8s7CyqFCaiHFA6g==", "name": "libtirpc", "version": "1.1.4-6.el8", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.1.4-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6Tp9WGakxVaQJ9rGhrsxpw==": { "id": "6Tp9WGakxVaQJ9rGhrsxpw==", "name": "krb5-libs", "version": "1.18.2-14.el8", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.2-14.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6dlkQEp2PtZPvC6f+1oBaA==": { "id": "6dlkQEp2PtZPvC6f+1oBaA==", "name": "bzip2-libs", "version": "1.0.6-26.el8", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.6-26.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6mY62Fou7cJqqLJXm9hzXg==": { "id": "6mY62Fou7cJqqLJXm9hzXg==", "name": "gnupg2", "version": "2.2.20-2.el8", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.20-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8vRmB+Moiz+Kt6edi4cSYw==": { "id": "8vRmB+Moiz+Kt6edi4cSYw==", "name": "libpng", "version": "2:1.6.34-5.el8", "kind": "binary", "source": { "id": "", "name": "libpng", "version": "1.6.34-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9CuK4fRE5gzOSWH5fqWZJw==": { "id": "9CuK4fRE5gzOSWH5fqWZJw==", "name": "sqlite-libs", "version": "3.26.0-15.el8", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.26.0-15.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9c4B7Edcs6gS7zy4kBT4Jw==": { "id": "9c4B7Edcs6gS7zy4kBT4Jw==", "name": "libarchive", "version": "3.3.3-3.el8_5", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.3.3-3.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ANDgSqQGzia2s5Evfohfng==": { "id": "ANDgSqQGzia2s5Evfohfng==", "name": "crypto-policies-scripts", "version": "20211116-1.gitae470d6.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20211116-1.gitae470d6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "BPD4nm0V1xem9/HmmAnFiA==": { "id": "BPD4nm0V1xem9/HmmAnFiA==", "name": "libcom_err", "version": "1.45.6-4.el8", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.45.6-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BmK1zIjr5KsuOODCYwxRCw==": { "id": "BmK1zIjr5KsuOODCYwxRCw==", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "binary", "source": { "id": "", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BrxW5JNpEdvbkoGRXbVirw==": { "id": "BrxW5JNpEdvbkoGRXbVirw==", "name": "libssh-config", "version": "0.9.6-3.el8", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "Bt7v/jLkw1CWEjQhzP+6Ew==": { "id": "Bt7v/jLkw1CWEjQhzP+6Ew==", "name": "openldap", "version": "2.4.46-18.el8", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.4.46-18.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "CbI8d0OI9wvrtddD/Wg0GA==": { "id": "CbI8d0OI9wvrtddD/Wg0GA==", "name": "libblkid", "version": "2.32.1-35.el8", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-35.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ce3Eu6RmZkiUW2to8Kec/w==": { "id": "Ce3Eu6RmZkiUW2to8Kec/w==", "name": "libtasn1", "version": "4.13-3.el8", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.13-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "D/ASdBsgxLNlG5Q8U7UPsQ==": { "id": "D/ASdBsgxLNlG5Q8U7UPsQ==", "name": "rootfiles", "version": "8.1-22.el8", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "DDTkLjNbJ/V2uz310z/fuw==": { "id": "DDTkLjNbJ/V2uz310z/fuw==", "name": "lcms2", "version": "2.9-2.el8", "kind": "binary", "source": { "id": "", "name": "lcms2", "version": "2.9-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DS3vpAOaY4vfiIx/udLZRg==": { "id": "DS3vpAOaY4vfiIx/udLZRg==", "name": "shadow-utils", "version": "2:4.6-16.el8", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.6-16.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DYJh4BkqJxquwUlC97bMfg==": { "id": "DYJh4BkqJxquwUlC97bMfg==", "name": "nss-sysinit", "version": "3.67.0-7.el8_5", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DmuZx55zNhnDgvsTT5yVYw==": { "id": "DmuZx55zNhnDgvsTT5yVYw==", "name": "platform-python-setuptools", "version": "39.2.0-6.el8", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "EhXwf9CihVVBNVLvlss3Vg==": { "id": "EhXwf9CihVVBNVLvlss3Vg==", "name": "gpgme", "version": "1.13.1-11.el8", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.13.1-11.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "F7AOP7tK5AfUXV1g9iTzFA==": { "id": "F7AOP7tK5AfUXV1g9iTzFA==", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "F8J7f4sv3sY7BmdP80pHcQ==": { "id": "F8J7f4sv3sY7BmdP80pHcQ==", "name": "redhat-release", "version": "8.6-0.1.el8", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "8.6-0.1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FTEArHfNxv8mTCM/rtN+pw==": { "id": "FTEArHfNxv8mTCM/rtN+pw==", "name": "libverto", "version": "0.3.0-5.el8", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.0-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "FdB9K1+1CEpzAW4zwkaAGw==": { "id": "FdB9K1+1CEpzAW4zwkaAGw==", "name": "libcurl", "version": "7.61.1-22.el8", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GLKhGblbPbPbtDKwfpCv5A==": { "id": "GLKhGblbPbPbtDKwfpCv5A==", "name": "filesystem", "version": "3.8-6.el8", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.8-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Gg1Q6hponuT1eSJHwaJ83w==": { "id": "Gg1Q6hponuT1eSJHwaJ83w==", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HDZVD0RFqjZqw94CAmDsAg==": { "id": "HDZVD0RFqjZqw94CAmDsAg==", "name": "tar", "version": "2:1.30-5.el8", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.30-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HMIoZ/TKrKhxI1rD26qmpw==": { "id": "HMIoZ/TKrKhxI1rD26qmpw==", "name": "json-c", "version": "0.13.1-3.el8", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.13.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HkH7JOZ7zVk8ggpmKHnMxg==": { "id": "HkH7JOZ7zVk8ggpmKHnMxg==", "name": "rpm-libs", "version": "4.14.3-23.el8", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-23.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Hr1TetfTnCbToWK+Q1/NLw==": { "id": "Hr1TetfTnCbToWK+Q1/NLw==", "name": "rpm", "version": "4.14.3-23.el8", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-23.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "I+kjs7Yx80eRSvYzDMDQwg==": { "id": "I+kjs7Yx80eRSvYzDMDQwg==", "name": "librepo", "version": "1.14.2-1.el8", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.2-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IViyNgpFkLysfz2oNJCQ6A==": { "id": "IViyNgpFkLysfz2oNJCQ6A==", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IdaeQutkPjfv4bTMEkXWog==": { "id": "IdaeQutkPjfv4bTMEkXWog==", "name": "libgcrypt", "version": "1.8.5-6.el8", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.8.5-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IzLcxZDtcvtJR5Gwdq9HDg==": { "id": "IzLcxZDtcvtJR5Gwdq9HDg==", "name": "libattr", "version": "2.4.48-3.el8", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.4.48-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JC8eNzSj6tieJqNqASET1Q==": { "id": "JC8eNzSj6tieJqNqASET1Q==", "name": "p11-kit", "version": "0.23.22-1.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "KEv35rCgD9zHEYNaQPCB6A==": { "id": "KEv35rCgD9zHEYNaQPCB6A==", "name": "libjpeg-turbo", "version": "1.5.3-12.el8", "kind": "binary", "source": { "id": "", "name": "libjpeg-turbo", "version": "1.5.3-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N1RbIRo2SyHosQefv+skDw==": { "id": "N1RbIRo2SyHosQefv+skDw==", "name": "gawk", "version": "4.2.1-4.el8", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "4.2.1-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NJbhst8VIOwst++ZzRP6tA==": { "id": "NJbhst8VIOwst++ZzRP6tA==", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "binary", "source": { "id": "", "name": "libpeas", "version": "1.22.0-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "NiBHWU1yEG8qOzVkqfsy6A==": { "id": "NiBHWU1yEG8qOzVkqfsy6A==", "name": "ubi8-minimal-container", "version": "8.6-751", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:8.6.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "O63QX7+X9KEjj9ex/GG2aA==": { "id": "O63QX7+X9KEjj9ex/GG2aA==", "name": "libuuid", "version": "2.32.1-35.el8", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-35.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Se4zJpr8ZUwZNUojfuzA==": { "id": "P5Se4zJpr8ZUwZNUojfuzA==", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "PQXz0EQWi7hqoFdjFxre5A==": { "id": "PQXz0EQWi7hqoFdjFxre5A==", "name": "ubi8/openjdk-17-runtime", "version": "1.13-1.1655306380", "kind": "binary", "source": { "id": "isr6jfWrcZNA6lh/jzia7Q==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.13-1.1655306380", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.13.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "normalized_version": "rhctag:1.13.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "QHV4EMODNNJmbNjIaJf1bg==": { "id": "QHV4EMODNNJmbNjIaJf1bg==", "name": "expat", "version": "2.2.5-8.el8", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.2.5-8.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QHy7W1tPAY2DhSRMJYfyhA==": { "id": "QHy7W1tPAY2DhSRMJYfyhA==", "name": "tzdata-java", "version": "2022a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2022a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "QudMKkcOe80heCvOb+0deQ==": { "id": "QudMKkcOe80heCvOb+0deQ==", "name": "crypto-policies", "version": "20211116-1.gitae470d6.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20211116-1.gitae470d6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "RKXYZTbYgViwzC05uqeDSg==": { "id": "RKXYZTbYgViwzC05uqeDSg==", "name": "io.github.stuartwdouglas.hacbs-test.simple:simple-jdk17", "version": "0.1.2", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "RtrzwDgrQgu9S5B72s2sww==": { "id": "RtrzwDgrQgu9S5B72s2sww==", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Saan3FOrTRBoLj3w1k+cpw==": { "id": "Saan3FOrTRBoLj3w1k+cpw==", "name": "ubi8-minimal", "version": "8.6-751", "kind": "binary", "source": { "id": "NiBHWU1yEG8qOzVkqfsy6A==", "name": "ubi8-minimal-container", "version": "8.6-751", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:8.6.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "normalized_version": "rhctag:8.6.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "Sg7WHD/cpWdFZ7MyPqITSQ==": { "id": "Sg7WHD/cpWdFZ7MyPqITSQ==", "name": "gmp", "version": "1:6.1.2-10.el8", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.1.2-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "UKxtVVWEN0LXB/lFG1+5oA==": { "id": "UKxtVVWEN0LXB/lFG1+5oA==", "name": "libsolv", "version": "0.7.20-1.el8", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.20-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "USWNn71p+k059dbiu5HDEA==": { "id": "USWNn71p+k059dbiu5HDEA==", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "W66WOQ3v6r7mSn6+o7gaew==": { "id": "W66WOQ3v6r7mSn6+o7gaew==", "name": "popt", "version": "1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Wnakr8JK5dF9B7cFuYj+LA==": { "id": "Wnakr8JK5dF9B7cFuYj+LA==", "name": "bash", "version": "4.4.20-3.el8", "kind": "binary", "source": { "id": "", "name": "bash", "version": "4.4.20-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "WrV+rIJLRk8b24xMew9Hkg==": { "id": "WrV+rIJLRk8b24xMew9Hkg==", "name": "libksba", "version": "1.3.5-7.el8", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.3.5-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XKq3fjedO7d4LSKzSLDcMw==": { "id": "XKq3fjedO7d4LSKzSLDcMw==", "name": "glibc-minimal-langpack", "version": "2.28-189.1.el8", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-189.1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XKv+fGQhqJZl6x7NNqqaaQ==": { "id": "XKv+fGQhqJZl6x7NNqqaaQ==", "name": "libsmartcols", "version": "2.32.1-35.el8", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-35.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XRQoUUwhqBcAJ1b8F4oXFg==": { "id": "XRQoUUwhqBcAJ1b8F4oXFg==", "name": "unzip", "version": "6.0-46.el8", "kind": "binary", "source": { "id": "", "name": "unzip", "version": "6.0-46.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "XVupnfoSG9GJwKd6FSNK8Q==": { "id": "XVupnfoSG9GJwKd6FSNK8Q==", "name": "chkconfig", "version": "1.19.1-1.el8", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.19.1-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ye1maZsk2KLsKtarENVJag==": { "id": "Ye1maZsk2KLsKtarENVJag==", "name": "nspr", "version": "4.32.0-1.el8_4", "kind": "binary", "source": { "id": "", "name": "nspr", "version": "4.32.0-1.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ZRpVwDgK9rS2HJv/RQ5Gkg==": { "id": "ZRpVwDgK9rS2HJv/RQ5Gkg==", "name": "libgcc", "version": "8.5.0-10.el8", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "a/C1LgCuivE/bMfk0e2Ybw==": { "id": "a/C1LgCuivE/bMfk0e2Ybw==", "name": "nss-softokn-freebl", "version": "3.67.0-7.el8_5", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "aTfPDP7oJqFwbwjiDbCnWA==": { "id": "aTfPDP7oJqFwbwjiDbCnWA==", "name": "ca-certificates", "version": "2021.2.50-80.0.el8_4", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2021.2.50-80.0.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "aaqgZLnMiT6K6puliSe4vA==": { "id": "aaqgZLnMiT6K6puliSe4vA==", "name": "cups-libs", "version": "1:2.2.6-45.el8_6.2", "kind": "binary", "source": { "id": "", "name": "cups", "version": "2.2.6-45.el8_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bcw2EOFjnx1wB4M400Jpew==": { "id": "bcw2EOFjnx1wB4M400Jpew==", "name": "gnutls", "version": "3.6.16-4.el8", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.6.16-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bfF0cEWD49u6W/lExfuSww==": { "id": "bfF0cEWD49u6W/lExfuSww==", "name": "openssl-libs", "version": "1:1.1.1k-6.el8_5", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1k-6.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bmxL3lydQy0yU8g1iBgovg==": { "id": "bmxL3lydQy0yU8g1iBgovg==", "name": "libsepol", "version": "2.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "2.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dFKSSJF5WrKg9VsNZqM98g==": { "id": "dFKSSJF5WrKg9VsNZqM98g==", "name": "elfutils-libelf", "version": "0.186-1.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.186-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOBT1Qffq44NOVuk9chDyg==": { "id": "dOBT1Qffq44NOVuk9chDyg==", "name": "readline", "version": "7.0-10.el8", "kind": "binary", "source": { "id": "", "name": "readline", "version": "7.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eFLULNLLXzpYwmFsV83Z2A==": { "id": "eFLULNLLXzpYwmFsV83Z2A==", "name": "python3-libs", "version": "3.6.8-45.el8", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-45.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eZ7CwFvwDCQu4vzKyuIZgA==": { "id": "eZ7CwFvwDCQu4vzKyuIZgA==", "name": "basesystem", "version": "11-5.el8", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "eiOy5bizxjO/psTcJ5Gh+g==": { "id": "eiOy5bizxjO/psTcJ5Gh+g==", "name": "libcap", "version": "2.48-2.el8", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "eiYWF89tQpN/umjL2Ljluw==": { "id": "eiYWF89tQpN/umjL2Ljluw==", "name": "audit-libs", "version": "3.0.7-2.el8.2", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.0.7-2.el8.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ev1iPKY2UXha+ggKYJjsaQ==": { "id": "ev1iPKY2UXha+ggKYJjsaQ==", "name": "libxml2", "version": "2.9.7-13.el8", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.7-13.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "g146nKetkX1f4hfH1b5RWA==": { "id": "g146nKetkX1f4hfH1b5RWA==", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gHqedlJKvlfFUaKLCsSx5w==": { "id": "gHqedlJKvlfFUaKLCsSx5w==", "name": "platform-python", "version": "3.6.8-45.el8", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-45.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gOaN4treTmKK7tU+N6AZ1w==": { "id": "gOaN4treTmKK7tU+N6AZ1w==", "name": "pcre", "version": "8.42-6.el8", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.42-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gm9BPVKEWWFxtqQJPXyfHQ==": { "id": "gm9BPVKEWWFxtqQJPXyfHQ==", "name": "python3-setuptools-wheel", "version": "39.2.0-6.el8", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "hcJqCsCpWm+XI9JT6ImS5g==": { "id": "hcJqCsCpWm+XI9JT6ImS5g==", "name": "nettle", "version": "3.4.1-7.el8", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.4.1-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hqd/9D+OkW729P80H901pQ==": { "id": "hqd/9D+OkW729P80H901pQ==", "name": "zlib", "version": "1.2.11-18.el8_5", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-18.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "isr6jfWrcZNA6lh/jzia7Q==": { "id": "isr6jfWrcZNA6lh/jzia7Q==", "name": "openjdk-17-runtime-ubi8-container", "version": "1.13-1.1655306380", "kind": "source", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "rhctag:1.13.0.0.0.0.0.0.0.0", "arch": "x86_64", "cpe": "" }, "jMyXitPOUCEtLfcUNdw6Zg==": { "id": "jMyXitPOUCEtLfcUNdw6Zg==", "name": "harfbuzz", "version": "1.7.5-3.el8", "kind": "binary", "source": { "id": "", "name": "harfbuzz", "version": "1.7.5-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jYaqI4DO/pU8eppVudGvPg==": { "id": "jYaqI4DO/pU8eppVudGvPg==", "name": "nss-softokn", "version": "3.67.0-7.el8_5", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jtdCxL/eH5JTPcKstKunJg==": { "id": "jtdCxL/eH5JTPcKstKunJg==", "name": "grep", "version": "3.1-6.el8", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k4gCNgIfg7MM/e42ThRx2w==": { "id": "k4gCNgIfg7MM/e42ThRx2w==", "name": "libzstd", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kjVZfo8JzLBxs/TQW7gjCA==": { "id": "kjVZfo8JzLBxs/TQW7gjCA==", "name": "rsync", "version": "3.1.3-14.el8_6.2", "kind": "binary", "source": { "id": "", "name": "rsync", "version": "3.1.3-14.el8_6.2", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lU0MYRg2dg5wynl2dMGsgA==": { "id": "lU0MYRg2dg5wynl2dMGsgA==", "name": "xz-libs", "version": "5.2.4-4.el8_6", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.4-4.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lqQ3rJzPTM4e3pH+ravEcw==": { "id": "lqQ3rJzPTM4e3pH+ravEcw==", "name": "brotli", "version": "1.0.6-3.el8", "kind": "binary", "source": { "id": "", "name": "brotli", "version": "1.0.6-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mAmp7BtGrfzV0HnAKw9sTw==": { "id": "mAmp7BtGrfzV0HnAKw9sTw==", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mLwCNKs2wEtLWAiibtR4BQ==": { "id": "mLwCNKs2wEtLWAiibtR4BQ==", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "binary", "source": { "id": "", "name": "microdnf", "version": "3.8.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mkd+V76Xxq5AfXbSoR0DMg==": { "id": "mkd+V76Xxq5AfXbSoR0DMg==", "name": "libselinux", "version": "2.9-5.el8", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "2.9-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mkledqgVtELsBjGkaINRAg==": { "id": "mkledqgVtELsBjGkaINRAg==", "name": "librhsm", "version": "0.0.3-4.el8", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "o4tvrO4Cuc2PXep4Fk53sA==": { "id": "o4tvrO4Cuc2PXep4Fk53sA==", "name": "file-libs", "version": "5.33-20.el8", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.33-20.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "o4v1nyEgxKUJdf78CSzLEg==": { "id": "o4v1nyEgxKUJdf78CSzLEg==", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oJIAHlP0pGe97iAzAFF0xA==": { "id": "oJIAHlP0pGe97iAzAFF0xA==", "name": "curl", "version": "7.61.1-22.el8", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "orJQMhY2lL1xO+CQTsHU3g==": { "id": "orJQMhY2lL1xO+CQTsHU3g==", "name": "graphite2", "version": "1.3.10-10.el8", "kind": "binary", "source": { "id": "", "name": "graphite2", "version": "1.3.10-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "p75sU/+cD5K1Jv37jjSsxQ==": { "id": "p75sU/+cD5K1Jv37jjSsxQ==", "name": "ncurses-libs", "version": "6.1-9.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-9.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "p9tXHgTBVU/b3sTnwfubzg==": { "id": "p9tXHgTBVU/b3sTnwfubzg==", "name": "libdb-utils", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pKEOaN2eCFIneHzHE7HYug==": { "id": "pKEOaN2eCFIneHzHE7HYug==", "name": "ncurses-base", "version": "6.1-9.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-9.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "pY2NT/GP1UxyOuAl2rKgCw==": { "id": "pY2NT/GP1UxyOuAl2rKgCw==", "name": "npth", "version": "1.5-4.el8", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.5-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qN2fZ3YQPh6iZsfkdV7bIg==": { "id": "qN2fZ3YQPh6iZsfkdV7bIg==", "name": "libdnf", "version": "0.63.0-8.el8", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-8.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rFsA2fU/SFo3JGOkxRURTQ==": { "id": "rFsA2fU/SFo3JGOkxRURTQ==", "name": "keyutils-libs", "version": "1.5.10-9.el8", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.5.10-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "riulbh7DNxLvW7j4IHJ1VA==": { "id": "riulbh7DNxLvW7j4IHJ1VA==", "name": "libnghttp2", "version": "1.33.0-3.el8_2.1", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.33.0-3.el8_2.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "roJZvIVMt4WjSq7FlFoG3A==": { "id": "roJZvIVMt4WjSq7FlFoG3A==", "name": "nss-util", "version": "3.67.0-7.el8_5", "kind": "binary", "source": { "id": "", "name": "nss", "version": "3.67.0-7.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rrdnE/YLwpAII45HQiOssw==": { "id": "rrdnE/YLwpAII45HQiOssw==", "name": "libssh", "version": "0.9.6-3.el8", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sMrsZHOrW8FfprPHZo6Jww==": { "id": "sMrsZHOrW8FfprPHZo6Jww==", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sm5sCuXecubhzEqZduLhHA==": { "id": "sm5sCuXecubhzEqZduLhHA==", "name": "systemd-libs", "version": "239-58.el8", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-58.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "tD550emtLUl2wRNyHrPi+w==": { "id": "tD550emtLUl2wRNyHrPi+w==", "name": "pcre2", "version": "10.32-2.el8", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.32-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "tZGL9mxj2GlW/wc3qvG9ag==": { "id": "tZGL9mxj2GlW/wc3qvG9ag==", "name": "findutils", "version": "1:4.6.0-20.el8", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.6.0-20.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u25cfo+Wn6RpzVY/kgcoGQ==": { "id": "u25cfo+Wn6RpzVY/kgcoGQ==", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "binary", "source": { "id": "", "name": "lksctp-tools", "version": "1.0.18-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "uAJuv5cA4XPhcDfjrdFI9w==": { "id": "uAJuv5cA4XPhcDfjrdFI9w==", "name": "javapackages-filesystem", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "binary", "source": { "id": "", "name": "javapackages-tools", "version": "5.3.0-1.module+el8+2447+6f56d9a6", "kind": "source", "normalized_version": "", "module": "javapackages-runtime:201801", "cpe": "" }, "normalized_version": "", "module": "javapackages-runtime:201801", "arch": "noarch", "cpe": "" }, "uC7d+TJ+SSl/a1e/alHSPg==": { "id": "uC7d+TJ+SSl/a1e/alHSPg==", "name": "coreutils-single", "version": "8.30-12.el8", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.30-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ucwDNO54HBA/m5Prl5y8uA==": { "id": "ucwDNO54HBA/m5Prl5y8uA==", "name": "freetype", "version": "2.9.1-4.el8_3.1", "kind": "binary", "source": { "id": "", "name": "freetype", "version": "2.9.1-4.el8_3.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v/KoDsdxOHqLHd7du8yyWQ==": { "id": "v/KoDsdxOHqLHd7du8yyWQ==", "name": "lua-libs", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "vQtjn4H9BmPSTQWBlhOhfQ==": { "id": "vQtjn4H9BmPSTQWBlhOhfQ==", "name": "glib2", "version": "2.56.4-158.el8", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.56.4-158.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "w2a7M1Nt0S+yraYT84IoTA==": { "id": "w2a7M1Nt0S+yraYT84IoTA==", "name": "gdbm", "version": "1:1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wE436RbDo1t5UIcLXo90zw==": { "id": "wE436RbDo1t5UIcLXo90zw==", "name": "p11-kit-trust", "version": "0.23.22-1.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wQToP4WURQ4/A8LQU1k5kA==": { "id": "wQToP4WURQ4/A8LQU1k5kA==", "name": "langpacks-en", "version": "1.0-12.el8", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "1.0-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wiX2z3C4urSDsP+bIajgNg==": { "id": "wiX2z3C4urSDsP+bIajgNg==", "name": "io.github.stuartwdouglas.hacbs-test.shaded:shaded-jdk11", "version": "1.9", "kind": "binary", "source": { "id": "", "name": "", "version": "", "normalized_version": "", "cpe": "" }, "normalized_version": "", "cpe": "" }, "wpJmhjYJz5TYuh0mbRPs4Q==": { "id": "wpJmhjYJz5TYuh0mbRPs4Q==", "name": "info", "version": "6.5-7.el8", "kind": "binary", "source": { "id": "", "name": "texinfo", "version": "6.5-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xDLbw0lNdZ2pSj9R8k9t6A==": { "id": "xDLbw0lNdZ2pSj9R8k9t6A==", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "binary", "source": { "id": "", "name": "copy-jdk-configs", "version": "4.0-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "xTF9l16G3x26txeCsO9Bug==": { "id": "xTF9l16G3x26txeCsO9Bug==", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xvIYCTeML23osZxD1kFItQ==": { "id": "xvIYCTeML23osZxD1kFItQ==", "name": "lua", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ynndm9TtMuqu+s8sVkbLwA==": { "id": "ynndm9TtMuqu+s8sVkbLwA==", "name": "libsemanage", "version": "2.9-8.el8", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "2.9-8.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yrF61rYEIIm8W+nUWOL4pw==": { "id": "yrF61rYEIIm8W+nUWOL4pw==", "name": "avahi-libs", "version": "0.7-20.el8", "kind": "binary", "source": { "id": "", "name": "avahi", "version": "0.7-20.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "z4fnEFpWc1E2kVtgPcyZxA==": { "id": "z4fnEFpWc1E2kVtgPcyZxA==", "name": "libstdc++", "version": "8.5.0-10.el8", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "z5qQdcrRCAH7EdqVwJ79ww==": { "id": "z5qQdcrRCAH7EdqVwJ79ww==", "name": "libacl", "version": "2.2.53-1.el8", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zbALRizc8CWcgSofeiuhLg==": { "id": "zbALRizc8CWcgSofeiuhLg==", "name": "libmount", "version": "2.32.1-35.el8", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-35.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "znJMhwylZjXG9XIrMaiHzw==": { "id": "znJMhwylZjXG9XIrMaiHzw==", "name": "libffi", "version": "3.1-23.el8", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.1-23.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9": { "id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "8", "version_code_name": "", "version_id": "8", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 8" } }, "repository": { "1da07a33-28c6-4568-b706-063e2335b8e8": { "id": "1da07a33-28c6-4568-b706-063e2335b8e8", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "3c46b2a7-8a26-4077-9544-44d863393116": { "id": "3c46b2a7-8a26-4077-9544-44d863393116", "name": "Red Hat Container Catalog", "uri": "https://catalog.redhat.com/software/containers/explore", "cpe": "" }, "676a4d40-c50b-4b3b-bc9a-0b81aff674ba": { "id": "676a4d40-c50b-4b3b-bc9a-0b81aff674ba", "name": "maven", "uri": "https://repo1.maven.apache.org/maven2", "cpe": "" }, "a4d2b923-a62b-47db-b7eb-8cd4b31d337b": { "id": "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "daad51d8-f3f9-446d-9629-39bc034825a4": { "id": "daad51d8-f3f9-446d-9629-39bc034825a4", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "e5884055-b3b0-4c92-8ae5-371681538d79": { "id": "e5884055-b3b0-4c92-8ae5-371681538d79", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" } }, "environments": { "+FFDF1L07rB99e4UL9WB+A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "+TWRS5lpqtsI5jIjRZP70w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "+XM+s3niWaEk1U5jnR5DpA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "+Xr7HyTxXf0c8jLaUyo3xA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "+oTt3EDPSdSzupH3D6G0BA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "/hlOG6wgqZ0r/gMNh7kyZQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "/nOgP+HpRWzSY9fEcmr6JQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "/uiu4k91jQyip2jGTInzAg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "0x/GRqZgisb/k2Y9co6i/Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "1gormAsAjMuks2JveQRd0Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "2k8BSFOOZ2ndA++n5wl4TA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "2w5sZgHYUcx7+6n/wISUjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "3OVNevSm98h4f1fmX4IZwQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:32e05039f89e58b9a8504f065aeb6e1d5fd3a705152f00f92052a5c88d241d10", "distribution_id": "", "repository_ids": [ "676a4d40-c50b-4b3b-bc9a-0b81aff674ba" ] } ], "3uSX4NgBxQvC8LEk48QoOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "45rvgYmy022Tx6fVWfking==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "47OMpR7yEmE4lttsyWq3fw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "4sG4bBloak5Sz907ZDRs6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "5Mcqv1rmwAoEs983fcq1cg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "67DLnC895xbDFuD3MGhCtQ==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:32e05039f89e58b9a8504f065aeb6e1d5fd3a705152f00f92052a5c88d241d10", "distribution_id": "", "repository_ids": [ "676a4d40-c50b-4b3b-bc9a-0b81aff674ba" ] } ], "6KnijwRsfeerWmf5Zl8NWw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "6NQw1cV8s7CyqFCaiHFA6g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "6Tp9WGakxVaQJ9rGhrsxpw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "6dlkQEp2PtZPvC6f+1oBaA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "6mY62Fou7cJqqLJXm9hzXg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "8vRmB+Moiz+Kt6edi4cSYw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "9CuK4fRE5gzOSWH5fqWZJw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "9c4B7Edcs6gS7zy4kBT4Jw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "ANDgSqQGzia2s5Evfohfng==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "BPD4nm0V1xem9/HmmAnFiA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "BmK1zIjr5KsuOODCYwxRCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "BrxW5JNpEdvbkoGRXbVirw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Bt7v/jLkw1CWEjQhzP+6Ew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "CbI8d0OI9wvrtddD/Wg0GA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Ce3Eu6RmZkiUW2to8Kec/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "D/ASdBsgxLNlG5Q8U7UPsQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "DDTkLjNbJ/V2uz310z/fuw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "DS3vpAOaY4vfiIx/udLZRg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "DYJh4BkqJxquwUlC97bMfg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "DmuZx55zNhnDgvsTT5yVYw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "EhXwf9CihVVBNVLvlss3Vg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "F7AOP7tK5AfUXV1g9iTzFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "F8J7f4sv3sY7BmdP80pHcQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "FTEArHfNxv8mTCM/rtN+pw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "FdB9K1+1CEpzAW4zwkaAGw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "GLKhGblbPbPbtDKwfpCv5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Gg1Q6hponuT1eSJHwaJ83w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "HDZVD0RFqjZqw94CAmDsAg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "HMIoZ/TKrKhxI1rD26qmpw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "HkH7JOZ7zVk8ggpmKHnMxg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Hr1TetfTnCbToWK+Q1/NLw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "I+kjs7Yx80eRSvYzDMDQwg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "IViyNgpFkLysfz2oNJCQ6A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "IdaeQutkPjfv4bTMEkXWog==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "IzLcxZDtcvtJR5Gwdq9HDg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "JC8eNzSj6tieJqNqASET1Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "KEv35rCgD9zHEYNaQPCB6A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "N1RbIRo2SyHosQefv+skDw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "NJbhst8VIOwst++ZzRP6tA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "NiBHWU1yEG8qOzVkqfsy6A==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-minimal-8.6-751", "introduced_in": "sha256:8ca21e5fedc58b98be949cf3ddc647cb6a00cfc555df1bbfe6431ce4b7599730", "distribution_id": "", "repository_ids": [ "3c46b2a7-8a26-4077-9544-44d863393116", "3c46b2a7-8a26-4077-9544-44d863393116" ] } ], "O63QX7+X9KEjj9ex/GG2aA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "P5Se4zJpr8ZUwZNUojfuzA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "PQXz0EQWi7hqoFdjFxre5A==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.13-1.1655306380", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": [ "3c46b2a7-8a26-4077-9544-44d863393116", "3c46b2a7-8a26-4077-9544-44d863393116" ] } ], "QHV4EMODNNJmbNjIaJf1bg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "QHy7W1tPAY2DhSRMJYfyhA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "QudMKkcOe80heCvOb+0deQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "RKXYZTbYgViwzC05uqeDSg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:32e05039f89e58b9a8504f065aeb6e1d5fd3a705152f00f92052a5c88d241d10", "distribution_id": "", "repository_ids": [ "676a4d40-c50b-4b3b-bc9a-0b81aff674ba" ] } ], "RtrzwDgrQgu9S5B72s2sww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Saan3FOrTRBoLj3w1k+cpw==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-minimal-8.6-751", "introduced_in": "sha256:8ca21e5fedc58b98be949cf3ddc647cb6a00cfc555df1bbfe6431ce4b7599730", "distribution_id": "", "repository_ids": [ "3c46b2a7-8a26-4077-9544-44d863393116", "3c46b2a7-8a26-4077-9544-44d863393116" ] } ], "Sg7WHD/cpWdFZ7MyPqITSQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "UKxtVVWEN0LXB/lFG1+5oA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "USWNn71p+k059dbiu5HDEA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "W66WOQ3v6r7mSn6+o7gaew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Wnakr8JK5dF9B7cFuYj+LA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "WrV+rIJLRk8b24xMew9Hkg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "XKq3fjedO7d4LSKzSLDcMw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "XKv+fGQhqJZl6x7NNqqaaQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "XRQoUUwhqBcAJ1b8F4oXFg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "XVupnfoSG9GJwKd6FSNK8Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "Ye1maZsk2KLsKtarENVJag==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "ZRpVwDgK9rS2HJv/RQ5Gkg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "a/C1LgCuivE/bMfk0e2Ybw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "aTfPDP7oJqFwbwjiDbCnWA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "aaqgZLnMiT6K6puliSe4vA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "bcw2EOFjnx1wB4M400Jpew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "bfF0cEWD49u6W/lExfuSww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "bmxL3lydQy0yU8g1iBgovg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "dFKSSJF5WrKg9VsNZqM98g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "dOBT1Qffq44NOVuk9chDyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "eFLULNLLXzpYwmFsV83Z2A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "eZ7CwFvwDCQu4vzKyuIZgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "eiOy5bizxjO/psTcJ5Gh+g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "eiYWF89tQpN/umjL2Ljluw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "ev1iPKY2UXha+ggKYJjsaQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "g146nKetkX1f4hfH1b5RWA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "gHqedlJKvlfFUaKLCsSx5w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "gOaN4treTmKK7tU+N6AZ1w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "gm9BPVKEWWFxtqQJPXyfHQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "hcJqCsCpWm+XI9JT6ImS5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "hqd/9D+OkW729P80H901pQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "isr6jfWrcZNA6lh/jzia7Q==": [ { "package_db": "root/buildinfo/Dockerfile-ubi8-openjdk-17-runtime-1.13-1.1655306380", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": [ "3c46b2a7-8a26-4077-9544-44d863393116", "3c46b2a7-8a26-4077-9544-44d863393116" ] } ], "jMyXitPOUCEtLfcUNdw6Zg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "jYaqI4DO/pU8eppVudGvPg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "jtdCxL/eH5JTPcKstKunJg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "k4gCNgIfg7MM/e42ThRx2w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "kjVZfo8JzLBxs/TQW7gjCA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "lU0MYRg2dg5wynl2dMGsgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "lqQ3rJzPTM4e3pH+ravEcw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "mAmp7BtGrfzV0HnAKw9sTw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "mLwCNKs2wEtLWAiibtR4BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "mkd+V76Xxq5AfXbSoR0DMg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "mkledqgVtELsBjGkaINRAg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "o4tvrO4Cuc2PXep4Fk53sA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "o4v1nyEgxKUJdf78CSzLEg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "oJIAHlP0pGe97iAzAFF0xA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "orJQMhY2lL1xO+CQTsHU3g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "p75sU/+cD5K1Jv37jjSsxQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "p9tXHgTBVU/b3sTnwfubzg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "pKEOaN2eCFIneHzHE7HYug==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "pY2NT/GP1UxyOuAl2rKgCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "qN2fZ3YQPh6iZsfkdV7bIg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "rFsA2fU/SFo3JGOkxRURTQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "riulbh7DNxLvW7j4IHJ1VA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "roJZvIVMt4WjSq7FlFoG3A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "rrdnE/YLwpAII45HQiOssw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "sMrsZHOrW8FfprPHZo6Jww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "sm5sCuXecubhzEqZduLhHA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "tD550emtLUl2wRNyHrPi+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "tZGL9mxj2GlW/wc3qvG9ag==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "u25cfo+Wn6RpzVY/kgcoGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "uAJuv5cA4XPhcDfjrdFI9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "uC7d+TJ+SSl/a1e/alHSPg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "ucwDNO54HBA/m5Prl5y8uA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "v/KoDsdxOHqLHd7du8yyWQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "vQtjn4H9BmPSTQWBlhOhfQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "w2a7M1Nt0S+yraYT84IoTA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "wE436RbDo1t5UIcLXo90zw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "wQToP4WURQ4/A8LQU1k5kA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "wiX2z3C4urSDsP+bIajgNg==": [ { "package_db": "maven:deployments/hacbs-test.jar", "introduced_in": "sha256:32e05039f89e58b9a8504f065aeb6e1d5fd3a705152f00f92052a5c88d241d10", "distribution_id": "", "repository_ids": [ "676a4d40-c50b-4b3b-bc9a-0b81aff674ba" ] } ], "wpJmhjYJz5TYuh0mbRPs4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "xDLbw0lNdZ2pSj9R8k9t6A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "xTF9l16G3x26txeCsO9Bug==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "xvIYCTeML23osZxD1kFItQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "ynndm9TtMuqu+s8sVkbLwA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "yrF61rYEIIm8W+nUWOL4pw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "e5884055-b3b0-4c92-8ae5-371681538d79", "1da07a33-28c6-4568-b706-063e2335b8e8" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:bb428133673478cd6e2210c4efa841ed24f5ab172e22f6e0737ae0348cb80192", "distribution_id": "", "repository_ids": null } ], "z4fnEFpWc1E2kVtgPcyZxA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "z5qQdcrRCAH7EdqVwJ79ww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "zbALRizc8CWcgSofeiuhLg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ], "znJMhwylZjXG9XIrMaiHzw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "bcba0a5f-76e9-4837-9b8c-f418e74cd1d9", "repository_ids": [ "a4d2b923-a62b-47db-b7eb-8cd4b31d337b", "daad51d8-f3f9-446d-9629-39bc034825a4" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:441b00ca2a4e42a72dfb72b33cfada02e8e324c5702d0fa1c782e6a9815bb42d", "distribution_id": "", "repository_ids": null } ] }, "vulnerabilities": { "+8Es4zGqyVDOkBuJhwt5Bg==": { "id": "+8Es4zGqyVDOkBuJhwt5Bg==", "updater": "rhel-vex", "name": "CVE-2024-20932", "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20932 https://bugzilla.redhat.com/show_bug.cgi?id=2257720 https://www.cve.org/CVERecord?id=CVE-2024-20932 https://nvd.nist.gov/vuln/detail/CVE-2024-20932 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20932.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "+Df9kg8EJvjq71n3LXbaeQ==": { "id": "+Df9kg8EJvjq71n3LXbaeQ==", "updater": "rhel-vex", "name": "CVE-2023-38472", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38472 https://bugzilla.redhat.com/show_bug.cgi?id=2191692 https://www.cve.org/CVERecord?id=CVE-2023-38472 https://nvd.nist.gov/vuln/detail/CVE-2023-38472 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38472.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "+XQB7XrU7erMfJQg1chJSw==": { "id": "+XQB7XrU7erMfJQg1chJSw==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "+YxXQhrTILcT9YhxMK+sgQ==": { "id": "+YxXQhrTILcT9YhxMK+sgQ==", "updater": "rhel-vex", "name": "CVE-2022-29154", "description": "A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker who performs a man-in-the-middle attack, to potentially overwrite sensitive files on the client machine, resulting in further exploitation.", "issued": "2022-08-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-29154 https://bugzilla.redhat.com/show_bug.cgi?id=2110928 https://www.cve.org/CVERecord?id=CVE-2022-29154 https://nvd.nist.gov/vuln/detail/CVE-2022-29154 https://www.openwall.com/lists/oss-security/2022/08/02/1 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-29154.json https://access.redhat.com/errata/RHSA-2022:6180", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-14.el8_6.3", "arch_op": "pattern match" }, "+aBBge+GaHuGkuNbilZwZQ==": { "id": "+aBBge+GaHuGkuNbilZwZQ==", "updater": "rhel-vex", "name": "CVE-2025-0938", "description": "A flaw was found in Python. The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.", "issued": "2025-01-31T17:51:35Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0938 https://bugzilla.redhat.com/show_bug.cgi?id=2343237 https://www.cve.org/CVERecord?id=CVE-2025-0938 https://nvd.nist.gov/vuln/detail/CVE-2025-0938 https://github.com/python/cpython/issues/105704 https://github.com/python/cpython/pull/129418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0938.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+aqImWW/63FSOH4OqNJDeQ==": { "id": "+aqImWW/63FSOH4OqNJDeQ==", "updater": "rhel-vex", "name": "CVE-2024-56171", "description": "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56171 https://bugzilla.redhat.com/show_bug.cgi?id=2346416 https://www.cve.org/CVERecord?id=CVE-2024-56171 https://nvd.nist.gov/vuln/detail/CVE-2024-56171 https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56171.json https://access.redhat.com/errata/RHSA-2025:2686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-19.el8_10", "arch_op": "pattern match" }, "+eLe6KFr85wO6TEnOPTz9g==": { "id": "+eLe6KFr85wO6TEnOPTz9g==", "updater": "rhel-vex", "name": "CVE-2022-48560", "description": "A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48560 https://bugzilla.redhat.com/show_bug.cgi?id=2249755 https://www.cve.org/CVERecord?id=CVE-2022-48560 https://nvd.nist.gov/vuln/detail/CVE-2022-48560 https://bugs.python.org/issue39421 https://github.com/python/cpython/issues/83602 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48560.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "+nHq7dak7Hkjcru/xpwzhQ==": { "id": "+nHq7dak7Hkjcru/xpwzhQ==", "updater": "rhel-vex", "name": "CVE-2020-12413", "description": "A flaw was found in Mozilla nss. A raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman(DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The highest threat from this vulnerability is to data confidentiality.", "issued": "2020-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-12413 https://bugzilla.redhat.com/show_bug.cgi?id=1877557 https://www.cve.org/CVERecord?id=CVE-2020-12413 https://nvd.nist.gov/vuln/detail/CVE-2020-12413 https://raccoon-attack.com/RacoonAttack.pdf https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-12413.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+vMXtJSeK8g1RwnD/+b+4w==": { "id": "+vMXtJSeK8g1RwnD/+b+4w==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "/1CYFiexnJcM7p4YrI/FVg==": { "id": "/1CYFiexnJcM7p4YrI/FVg==", "updater": "rhel-vex", "name": "CVE-2023-4504", "description": "A vulnerability was found in CUPS and libppd, where a failure to validate the length provided in an attacker-crafted PPD PostScript document can lead to a heap-based buffer overflow, causing a denial of service or, in some cases, execute arbitrary code, depending on how the application processes untrusted PPD files.", "issued": "2023-09-20T12:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4504 https://bugzilla.redhat.com/show_bug.cgi?id=2238509 https://www.cve.org/CVERecord?id=CVE-2023-4504 https://nvd.nist.gov/vuln/detail/CVE-2023-4504 https://takeonme.org/cves/CVE-2023-4504.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4504.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/DAGRW0SjCjrhjUqgqTmZg==": { "id": "/DAGRW0SjCjrhjUqgqTmZg==", "updater": "rhel-vex", "name": "CVE-2023-38546", "description": "A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met.", "issued": "2023-10-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38546 https://bugzilla.redhat.com/show_bug.cgi?id=2241938 https://access.redhat.com/errata/RHSA-2024:2101 https://www.cve.org/CVERecord?id=CVE-2023-38546 https://nvd.nist.gov/vuln/detail/CVE-2023-38546 https://curl.se/docs/CVE-2023-38546.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38546.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "/WwwNIXu3P/Dl6bU2HZW1Q==": { "id": "/WwwNIXu3P/Dl6bU2HZW1Q==", "updater": "rhel-vex", "name": "CVE-2024-5535", "description": "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.", "issued": "2024-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-5535 https://bugzilla.redhat.com/show_bug.cgi?id=2294581 https://www.cve.org/CVERecord?id=CVE-2024-5535 https://nvd.nist.gov/vuln/detail/CVE-2024-5535 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-5535.json https://access.redhat.com/errata/RHSA-2024:7848", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-14.el8_6", "arch_op": "pattern match" }, "/XMnxvMOAeDdGbdjLczh/Q==": { "id": "/XMnxvMOAeDdGbdjLczh/Q==", "updater": "rhel-vex", "name": "CVE-2022-40897", "description": "A flaw was found in Python Setuptools due to a regular expression Denial of Service (ReDoS) present in package_index.py. This issue could allow a remote attacker to cause a denial of service via HTML in a crafted package or custom PackageIndex page.", "issued": "2022-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40897 https://bugzilla.redhat.com/show_bug.cgi?id=2158559 https://www.cve.org/CVERecord?id=CVE-2022-40897 https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://pyup.io/vulnerabilities/CVE-2022-40897/52495/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40897.json https://access.redhat.com/errata/RHSA-2023:0835", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-setuptools-wheel", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:39.2.0-6.el8_7.1", "arch_op": "pattern match" }, "/s1EALuKQUNsL6wI6P+L3Q==": { "id": "/s1EALuKQUNsL6wI6P+L3Q==", "updater": "rhel-vex", "name": "CVE-2024-28834", "description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "issued": "2024-03-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-28834 https://bugzilla.redhat.com/show_bug.cgi?id=2269228 https://www.cve.org/CVERecord?id=CVE-2024-28834 https://nvd.nist.gov/vuln/detail/CVE-2024-28834 https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html https://minerva.crocs.fi.muni.cz/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-28834.json https://access.redhat.com/errata/RHSA-2024:1784", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9.3", "arch_op": "pattern match" }, "/tIO7UvmYpD2rJg34Sr/Lw==": { "id": "/tIO7UvmYpD2rJg34Sr/Lw==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/zeNBSs/BEl2xiceiql1Bg==": { "id": "/zeNBSs/BEl2xiceiql1Bg==", "updater": "rhel-vex", "name": "CVE-2023-3817", "description": "A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service.", "issued": "2023-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-3817 https://bugzilla.redhat.com/show_bug.cgi?id=2227852 https://www.cve.org/CVERecord?id=CVE-2023-3817 https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://www.openssl.org/news/secadv/20230731.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-3817.json https://access.redhat.com/errata/RHSA-2023:7877", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-12.el8_9", "arch_op": "pattern match" }, "0/ObkWWwIgSVwxLb9J6Mzw==": { "id": "0/ObkWWwIgSVwxLb9J6Mzw==", "updater": "rhel-vex", "name": "CVE-2023-40217", "description": "Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible.", "issued": "2023-08-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-40217 https://bugzilla.redhat.com/show_bug.cgi?id=2235789 https://www.cve.org/CVERecord?id=CVE-2023-40217 https://nvd.nist.gov/vuln/detail/CVE-2023-40217 https://github.com/python/cpython/issues/108310 https://github.com/python/cpython/pull/108315 https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-40217.json https://access.redhat.com/errata/RHSA-2023:5997", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.2", "arch_op": "pattern match" }, "02y47AktmLpSs7TyV8lCmA==": { "id": "02y47AktmLpSs7TyV8lCmA==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "0HVDDj50URae9KMuitnGAQ==": { "id": "0HVDDj50URae9KMuitnGAQ==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "0Nqx1PYel2XQJNYhgqQ78A==": { "id": "0Nqx1PYel2XQJNYhgqQ78A==", "updater": "rhel-vex", "name": "CVE-2023-24329", "description": "A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.", "issued": "2023-02-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-24329 https://bugzilla.redhat.com/show_bug.cgi?id=2173917 https://www.cve.org/CVERecord?id=CVE-2023-24329 https://nvd.nist.gov/vuln/detail/CVE-2023-24329 https://pointernull.com/security/python-url-parse-problem.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-24329.json https://access.redhat.com/errata/RHSA-2023:3591", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.1", "arch_op": "pattern match" }, "0hx3AeRTki0QKu49u2uI9A==": { "id": "0hx3AeRTki0QKu49u2uI9A==", "updater": "rhel-vex", "name": "CVE-2024-21145", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).", "issued": "2024-07-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21145 https://bugzilla.redhat.com/show_bug.cgi?id=2297976 https://www.cve.org/CVERecord?id=CVE-2024-21145 https://nvd.nist.gov/vuln/detail/CVE-2024-21145 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21145.json https://access.redhat.com/errata/RHSA-2024:4568", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.12.0.7-2.el8", "arch_op": "pattern match" }, "0lVKuiEWrTiY4i1yVwl4aQ==": { "id": "0lVKuiEWrTiY4i1yVwl4aQ==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "0nBHTK879DllWAKX/qnDtQ==": { "id": "0nBHTK879DllWAKX/qnDtQ==", "updater": "rhel-vex", "name": "CVE-2023-0215", "description": "A use-after-free vulnerability was found in OpenSSL's BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.", "issued": "2023-02-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0215 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://www.cve.org/CVERecord?id=CVE-2023-0215 https://nvd.nist.gov/vuln/detail/CVE-2023-0215 https://www.openssl.org/news/secadv/20230207.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0215.json https://access.redhat.com/errata/RHSA-2023:1405", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-9.el8_7", "arch_op": "pattern match" }, "0nxqdWkEMqTJy8A94osl3w==": { "id": "0nxqdWkEMqTJy8A94osl3w==", "updater": "rhel-vex", "name": "CVE-2023-2283", "description": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.", "issued": "2023-05-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2283 https://bugzilla.redhat.com/show_bug.cgi?id=2189736 https://www.cve.org/CVERecord?id=CVE-2023-2283 https://nvd.nist.gov/vuln/detail/CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2283.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "18jvRt70rCwvPLdZK5IZgQ==": { "id": "18jvRt70rCwvPLdZK5IZgQ==", "updater": "rhel-vex", "name": "CVE-2024-6923", "description": "A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.", "issued": "2024-08-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6923 https://bugzilla.redhat.com/show_bug.cgi?id=2302255 https://www.cve.org/CVERecord?id=CVE-2024-6923 https://nvd.nist.gov/vuln/detail/CVE-2024-6923 https://github.com/python/cpython/issues/121650 https://github.com/python/cpython/pull/122233 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6923.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "1BhMfisX7wncejaTurfMmg==": { "id": "1BhMfisX7wncejaTurfMmg==", "updater": "rhel-vex", "name": "CVE-2023-7008", "description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "issued": "2022-12-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-7008 https://bugzilla.redhat.com/show_bug.cgi?id=2222672 https://www.cve.org/CVERecord?id=CVE-2023-7008 https://nvd.nist.gov/vuln/detail/CVE-2023-7008 https://bugzilla.redhat.com/show_bug.cgi?id=2222261 https://github.com/systemd/systemd/issues/25676 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-7008.json https://access.redhat.com/errata/RHSA-2024:3203", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:239-82.el8", "arch_op": "pattern match" }, "1UGfcYGDEJl3LBntORtAkg==": { "id": "1UGfcYGDEJl3LBntORtAkg==", "updater": "rhel-vex", "name": "CVE-2022-32206", "description": "A vulnerability was found in curl. This issue occurs because the number of acceptable \"links\" in the \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a malicious actor.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32206 https://bugzilla.redhat.com/show_bug.cgi?id=2099300 https://www.cve.org/CVERecord?id=CVE-2022-32206 https://nvd.nist.gov/vuln/detail/CVE-2022-32206 https://curl.se/docs/CVE-2022-32206.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32206.json https://access.redhat.com/errata/RHSA-2022:6159", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.4", "arch_op": "pattern match" }, "1V7EAEuZ5HF3GMIH1SqKVQ==": { "id": "1V7EAEuZ5HF3GMIH1SqKVQ==", "updater": "rhel-vex", "name": "CVE-2021-35938", "description": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35938 https://bugzilla.redhat.com/show_bug.cgi?id=1964114 https://www.cve.org/CVERecord?id=CVE-2021-35938 https://nvd.nist.gov/vuln/detail/CVE-2021-35938 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35938.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "1V9gvOnbc/O4GqJ9bOA+6A==": { "id": "1V9gvOnbc/O4GqJ9bOA+6A==", "updater": "rhel-vex", "name": "CVE-2022-21626", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21626 https://bugzilla.redhat.com/show_bug.cgi?id=2133753 https://www.cve.org/CVERecord?id=CVE-2022-21626 https://nvd.nist.gov/vuln/detail/CVE-2022-21626 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21626.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "1cFZ9bO4226NywOWSEqpqA==": { "id": "1cFZ9bO4226NywOWSEqpqA==", "updater": "rhel-vex", "name": "CVE-2023-45918", "description": "A flaw was found in ncurses. Affected versions of this package contain a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", "issued": "2024-01-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45918 https://bugzilla.redhat.com/show_bug.cgi?id=2300290 https://www.cve.org/CVERecord?id=CVE-2023-45918 https://nvd.nist.gov/vuln/detail/CVE-2023-45918 https://lists.gnu.org/archive/html/bug-ncurses/2023-06/msg00005.html https://security.netapp.com/advisory/ntap-20240315-0006/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1djukiGPRxtxIDYdWA6nAA==": { "id": "1djukiGPRxtxIDYdWA6nAA==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "1zVZTSVjPMhgdBYrxkWAlw==": { "id": "1zVZTSVjPMhgdBYrxkWAlw==", "updater": "rhel-vex", "name": "CVE-2025-50182", "description": "No description is available for this CVE.", "issued": "2025-06-19T01:42:44Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50182 https://bugzilla.redhat.com/show_bug.cgi?id=2373800 https://www.cve.org/CVERecord?id=CVE-2025-50182 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50182.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "21JEFP/1qdwwKuIXlNd6Og==": { "id": "21JEFP/1qdwwKuIXlNd6Og==", "updater": "rhel-vex", "name": "CVE-2024-21131", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2024-07-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21131 https://bugzilla.redhat.com/show_bug.cgi?id=2297961 https://www.cve.org/CVERecord?id=CVE-2024-21131 https://nvd.nist.gov/vuln/detail/CVE-2024-21131 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21131.json https://access.redhat.com/errata/RHSA-2024:4568", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.12.0.7-2.el8", "arch_op": "pattern match" }, "28aE+mt81+7B1o+xQFCVdg==": { "id": "28aE+mt81+7B1o+xQFCVdg==", "updater": "rhel-vex", "name": "CVE-2022-37434", "description": "A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader.", "issued": "2022-08-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-37434 https://bugzilla.redhat.com/show_bug.cgi?id=2116639 https://www.cve.org/CVERecord?id=CVE-2022-37434 https://nvd.nist.gov/vuln/detail/CVE-2022-37434 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-37434.json https://access.redhat.com/errata/RHSA-2022:7106", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "zlib", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.2.11-19.el8_6", "arch_op": "pattern match" }, "2CM3BoMvZg9NWZfYqarGHA==": { "id": "2CM3BoMvZg9NWZfYqarGHA==", "updater": "rhel-vex", "name": "CVE-2015-20107", "description": "A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input.", "issued": "2015-08-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2015-20107 https://bugzilla.redhat.com/show_bug.cgi?id=2075390 https://www.cve.org/CVERecord?id=CVE-2015-20107 https://nvd.nist.gov/vuln/detail/CVE-2015-20107 https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html https://security.access.redhat.com/data/csaf/v2/vex/2015/cve-2015-20107.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "2tfVYVMnFMIJmwmpg1zYLQ==": { "id": "2tfVYVMnFMIJmwmpg1zYLQ==", "updater": "rhel-vex", "name": "CVE-2025-4373", "description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "issued": "2025-05-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4373 https://bugzilla.redhat.com/show_bug.cgi?id=2364265 https://www.cve.org/CVERecord?id=CVE-2025-4373 https://nvd.nist.gov/vuln/detail/CVE-2025-4373 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4373.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2ys6ySRPV45jjaqKiRi8NQ==": { "id": "2ys6ySRPV45jjaqKiRi8NQ==", "updater": "rhel-vex", "name": "CVE-2023-48795", "description": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48795 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://www.cve.org/CVERecord?id=CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://access.redhat.com/solutions/7071748 https://terrapin-attack.com/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48795.json https://access.redhat.com/errata/RHSA-2024:0628", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-13.el8_9", "arch_op": "pattern match" }, "34jKZUtQbaN/dKiP+pyimg==": { "id": "34jKZUtQbaN/dKiP+pyimg==", "updater": "rhel-vex", "name": "CVE-2024-50602", "description": "A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service.", "issued": "2024-10-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 https://www.cve.org/CVERecord?id=CVE-2024-50602 https://nvd.nist.gov/vuln/detail/CVE-2024-50602 https://github.com/libexpat/libexpat/pull/915 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-50602.json https://access.redhat.com/errata/RHSA-2024:9502", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-16.el8_10", "arch_op": "pattern match" }, "3BIEEZNGzCJWC2Fx4uu4xg==": { "id": "3BIEEZNGzCJWC2Fx4uu4xg==", "updater": "rhel-vex", "name": "CVE-2023-22044", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22044 https://bugzilla.redhat.com/show_bug.cgi?id=2221642 https://www.cve.org/CVERecord?id=CVE-2023-22044 https://nvd.nist.gov/vuln/detail/CVE-2023-22044 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22044.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "3BwRA41Fvwd3QICFweyUXA==": { "id": "3BwRA41Fvwd3QICFweyUXA==", "updater": "rhel-vex", "name": "CVE-2022-45061", "description": "A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname.", "issued": "2022-11-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-45061 https://bugzilla.redhat.com/show_bug.cgi?id=2144072 https://www.cve.org/CVERecord?id=CVE-2022-45061 https://nvd.nist.gov/vuln/detail/CVE-2022-45061 https://github.com/python/cpython/issues/98433 https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-45061.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "3F5EkAY1orHwJiew6BsDzw==": { "id": "3F5EkAY1orHwJiew6BsDzw==", "updater": "rhel-vex", "name": "CVE-2025-4138", "description": "A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to \"data\" or \"tar\".", "issued": "2025-06-03T12:59:02Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4138 https://bugzilla.redhat.com/show_bug.cgi?id=2372426 https://www.cve.org/CVERecord?id=CVE-2025-4138 https://nvd.nist.gov/vuln/detail/CVE-2025-4138 https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a https://github.com/python/cpython/issues/135034 https://github.com/python/cpython/pull/135037 https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4138.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3IgZDz5UYkhu/U1/4kSWKg==": { "id": "3IgZDz5UYkhu/U1/4kSWKg==", "updater": "rhel-vex", "name": "CVE-2021-25317", "description": "It was found that some Linux vendors may assign the ownership of the /var/log/cups directory to the `lp` user. This could allow an attacker with such privileges to create empty files in arbitrary locations, or to force arbitrary files to be opened and closed, using a symlink attack. This has a low impact on the integrity of the system.", "issued": "2021-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-25317 https://bugzilla.redhat.com/show_bug.cgi?id=1949119 https://www.cve.org/CVERecord?id=CVE-2021-25317 https://nvd.nist.gov/vuln/detail/CVE-2021-25317 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-25317.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "cups", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3Tb/2rNonPAx7JWdUUQ8oA==": { "id": "3Tb/2rNonPAx7JWdUUQ8oA==", "updater": "rhel-vex", "name": "CVE-2024-0553", "description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "issued": "2024-01-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0553 https://bugzilla.redhat.com/show_bug.cgi?id=2258412 https://www.cve.org/CVERecord?id=CVE-2024-0553 https://nvd.nist.gov/vuln/detail/CVE-2024-0553 https://gitlab.com/gnutls/gnutls/-/issues/1522 https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0553.json https://access.redhat.com/errata/RHSA-2024:0627", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9.1", "arch_op": "pattern match" }, "3UJthWOIpt1HgtQQKRlRqg==": { "id": "3UJthWOIpt1HgtQQKRlRqg==", "updater": "rhel-vex", "name": "CVE-2023-1981", "description": "A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.", "issued": "2022-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1981 https://bugzilla.redhat.com/show_bug.cgi?id=2185911 https://www.cve.org/CVERecord?id=CVE-2023-1981 https://nvd.nist.gov/vuln/detail/CVE-2023-1981 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1981.json https://access.redhat.com/errata/RHSA-2023:7190", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8", "arch_op": "pattern match" }, "3XJRJsGvjXpvkosCndVfHg==": { "id": "3XJRJsGvjXpvkosCndVfHg==", "updater": "rhel-vex", "name": "CVE-2024-11168", "description": "A flaw was found in Python. The `urllib.parse.urlsplit()` and `urlparse()` functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery (SSRF) if a URL is processed by more than one URL parser.", "issued": "2024-11-12T21:22:23Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11168 https://bugzilla.redhat.com/show_bug.cgi?id=2325776 https://www.cve.org/CVERecord?id=CVE-2024-11168 https://nvd.nist.gov/vuln/detail/CVE-2024-11168 https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5 https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550 https://github.com/python/cpython/issues/103848 https://github.com/python/cpython/pull/103849 https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11168.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "3hFva6CKHYz84/DAAl4vYQ==": { "id": "3hFva6CKHYz84/DAAl4vYQ==", "updater": "rhel-vex", "name": "CVE-2022-45061", "description": "A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname.", "issued": "2022-11-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-45061 https://bugzilla.redhat.com/show_bug.cgi?id=2144072 https://www.cve.org/CVERecord?id=CVE-2022-45061 https://nvd.nist.gov/vuln/detail/CVE-2022-45061 https://github.com/python/cpython/issues/98433 https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-45061.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "3ukaS4wFZw3C98uakRKpLA==": { "id": "3ukaS4wFZw3C98uakRKpLA==", "updater": "rhel-vex", "name": "CVE-2022-25313", "description": "A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service.", "issued": "2022-02-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-25313 https://bugzilla.redhat.com/show_bug.cgi?id=2056350 https://www.cve.org/CVERecord?id=CVE-2022-25313 https://nvd.nist.gov/vuln/detail/CVE-2022-25313 https://blog.hartwork.org/posts/expat-2-4-5-released/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-25313.json https://access.redhat.com/errata/RHSA-2022:5314", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-8.el8_6.2", "arch_op": "pattern match" }, "3wyODHpRAzZnhOjhnPd7/Q==": { "id": "3wyODHpRAzZnhOjhnPd7/Q==", "updater": "rhel-vex", "name": "CVE-2023-0286", "description": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.", "issued": "2023-02-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0286 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://www.cve.org/CVERecord?id=CVE-2023-0286 https://nvd.nist.gov/vuln/detail/CVE-2023-0286 https://www.openssl.org/news/secadv/20230207.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0286.json https://access.redhat.com/errata/RHSA-2023:1405", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-9.el8_7", "arch_op": "pattern match" }, "4/mftydHpy90Umw3G0mTuQ==": { "id": "4/mftydHpy90Umw3G0mTuQ==", "updater": "rhel-vex", "name": "CVE-2018-1000879", "description": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000879 https://bugzilla.redhat.com/show_bug.cgi?id=1663890 https://www.cve.org/CVERecord?id=CVE-2018-1000879 https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000879.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "42hcSK6smfuaC5vG4Ott/Q==": { "id": "42hcSK6smfuaC5vG4Ott/Q==", "updater": "rhel-vex", "name": "CVE-2022-29824", "description": "A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write.", "issued": "2022-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-29824 https://bugzilla.redhat.com/show_bug.cgi?id=2082158 https://www.cve.org/CVERecord?id=CVE-2022-29824 https://nvd.nist.gov/vuln/detail/CVE-2022-29824 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-29824.json https://access.redhat.com/errata/RHSA-2022:5317", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-13.el8_6.1", "arch_op": "pattern match" }, "4DMC2rzmr/0uqLP6PpG7JQ==": { "id": "4DMC2rzmr/0uqLP6PpG7JQ==", "updater": "rhel-vex", "name": "CVE-2022-35737", "description": "An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application and perform a denial of service (DoS) attack.", "issued": "2022-07-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-35737 https://bugzilla.redhat.com/show_bug.cgi?id=2110291 https://www.cve.org/CVERecord?id=CVE-2022-35737 https://nvd.nist.gov/vuln/detail/CVE-2022-35737 https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/ https://www.sqlite.org/releaselog/3_39_2.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-35737.json https://access.redhat.com/errata/RHSA-2023:0110", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-17.el8_7", "arch_op": "pattern match" }, "4cg1PtftAG9rbhLnCiy8GA==": { "id": "4cg1PtftAG9rbhLnCiy8GA==", "updater": "rhel-vex", "name": "CVE-2024-34397", "description": "A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This issue could lead to the GDBus-based client behaving incorrectly with an application-dependent impact.", "issued": "2024-05-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34397 https://bugzilla.redhat.com/show_bug.cgi?id=2279632 https://www.cve.org/CVERecord?id=CVE-2024-34397 https://nvd.nist.gov/vuln/detail/CVE-2024-34397 https://gitlab.gnome.org/GNOME/glib/-/issues/3268 https://www.openwall.com/lists/oss-security/2024/05/07/5 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34397.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "4e7QYgIO+xMWFH4OQ4f9yA==": { "id": "4e7QYgIO+xMWFH4OQ4f9yA==", "updater": "rhel-vex", "name": "CVE-2022-27776", "description": "A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom `Authorization:` or `Cookie:`headers. Those headers often contain privacy-sensitive information or data.", "issued": "2022-04-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27776 https://bugzilla.redhat.com/show_bug.cgi?id=2078408 https://www.cve.org/CVERecord?id=CVE-2022-27776 https://nvd.nist.gov/vuln/detail/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27776.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "4hlQKWgASyO3lo2fByu3Lg==": { "id": "4hlQKWgASyO3lo2fByu3Lg==", "updater": "rhel-vex", "name": "CVE-2022-23990", "description": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.", "issued": "2022-01-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-23990 https://bugzilla.redhat.com/show_bug.cgi?id=2048356 https://www.cve.org/CVERecord?id=CVE-2022-23990 https://nvd.nist.gov/vuln/detail/CVE-2022-23990 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-23990.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "4st9LD+2++7vu0j406/Xrw==": { "id": "4st9LD+2++7vu0j406/Xrw==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "4ujx/9tWXnLXiaQL8hGPMg==": { "id": "4ujx/9tWXnLXiaQL8hGPMg==", "updater": "rhel-vex", "name": "CVE-2021-35937", "description": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35937 https://bugzilla.redhat.com/show_bug.cgi?id=1964125 https://www.cve.org/CVERecord?id=CVE-2021-35937 https://nvd.nist.gov/vuln/detail/CVE-2021-35937 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35937.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "5+JKWQiYpMfyZXzO0HebRQ==": { "id": "5+JKWQiYpMfyZXzO0HebRQ==", "updater": "rhel-vex", "name": "CVE-2023-23916", "description": "A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.", "issued": "2023-02-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-23916 https://bugzilla.redhat.com/show_bug.cgi?id=2167815 https://www.cve.org/CVERecord?id=CVE-2023-23916 https://nvd.nist.gov/vuln/detail/CVE-2023-23916 https://curl.se/docs/CVE-2023-23916.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-23916.json https://access.redhat.com/errata/RHSA-2023:1140", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-25.el8_7.3", "arch_op": "pattern match" }, "53xt9ofhDspNa5exDSyxUQ==": { "id": "53xt9ofhDspNa5exDSyxUQ==", "updater": "rhel-vex", "name": "CVE-2025-30691", "description": "Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).", "issued": "2025-04-15T21:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30691 https://bugzilla.redhat.com/show_bug.cgi?id=2359694 https://www.cve.org/CVERecord?id=CVE-2025-30691 https://nvd.nist.gov/vuln/detail/CVE-2025-30691 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30691.json https://access.redhat.com/errata/RHSA-2025:3852", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.15.0.6-2.el8", "arch_op": "pattern match" }, "58CqV1nF0B/Z3xZFLRisig==": { "id": "58CqV1nF0B/Z3xZFLRisig==", "updater": "rhel-vex", "name": "CVE-2024-12718", "description": "A flaw was found in CPython's tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter=\"data\" or filter=\"tar\" extraction filters.", "issued": "2025-06-03T12:59:10Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12718 https://bugzilla.redhat.com/show_bug.cgi?id=2370013 https://www.cve.org/CVERecord?id=CVE-2024-12718 https://nvd.nist.gov/vuln/detail/CVE-2024-12718 https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a https://github.com/python/cpython/issues/127987 https://github.com/python/cpython/issues/135034 https://github.com/python/cpython/pull/135037 https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12718.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5B1tQ2BK8z/YjRkYcvwqag==": { "id": "5B1tQ2BK8z/YjRkYcvwqag==", "updater": "rhel-vex", "name": "CVE-2019-19244", "description": "A flaw was found in the way SQLite handled certain types of SQL queries using DISTINCT, OVER and ORDER BY clauses. A remote attacker could exploit this flaw by providing a malicious SQL query that, when processed by an application linked to SQLite, would crash the application causing a denial of service.", "issued": "2019-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-19244 https://bugzilla.redhat.com/show_bug.cgi?id=1777945 https://www.cve.org/CVERecord?id=CVE-2019-19244 https://nvd.nist.gov/vuln/detail/CVE-2019-19244 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-19244.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5TopTOe34y/XKYSNpb8vxA==": { "id": "5TopTOe34y/XKYSNpb8vxA==", "updater": "rhel-vex", "name": "CVE-2023-1667", "description": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "issued": "2023-04-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1667 https://bugzilla.redhat.com/show_bug.cgi?id=2182199 https://www.cve.org/CVERecord?id=CVE-2023-1667 https://nvd.nist.gov/vuln/detail/CVE-2023-1667 http://www.libssh.org/security/advisories/CVE-2023-1667.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1667.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "5WmkIXghmpKM9Lig9VrOxA==": { "id": "5WmkIXghmpKM9Lig9VrOxA==", "updater": "rhel-vex", "name": "CVE-2023-5678", "description": "A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service.", "issued": "2023-10-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5678 https://bugzilla.redhat.com/show_bug.cgi?id=2248616 https://www.cve.org/CVERecord?id=CVE-2023-5678 https://nvd.nist.gov/vuln/detail/CVE-2023-5678 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 https://www.openssl.org/news/secadv/20231106.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5678.json https://access.redhat.com/errata/RHSA-2023:7877", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-12.el8_9", "arch_op": "pattern match" }, "5oBb42rSFxsRbGLiglvWag==": { "id": "5oBb42rSFxsRbGLiglvWag==", "updater": "rhel-vex", "name": "CVE-2022-32208", "description": "A vulnerability was found in curl. This issue occurs because it mishandles message verification failures when curl does FTP transfers secured by krb5. This flaw makes it possible for a Man-in-the-middle attack to go unnoticed and allows data injection into the client.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32208 https://bugzilla.redhat.com/show_bug.cgi?id=2099306 https://www.cve.org/CVERecord?id=CVE-2022-32208 https://nvd.nist.gov/vuln/detail/CVE-2022-32208 https://curl.se/docs/CVE-2022-32208.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32208.json https://access.redhat.com/errata/RHSA-2022:6159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.4", "arch_op": "pattern match" }, "5t439uCeC/gu1OEWWSlheA==": { "id": "5t439uCeC/gu1OEWWSlheA==", "updater": "rhel-vex", "name": "CVE-2018-16435", "description": "Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.", "issued": "2018-08-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-16435 https://bugzilla.redhat.com/show_bug.cgi?id=1628969 https://www.cve.org/CVERecord?id=CVE-2018-16435 https://nvd.nist.gov/vuln/detail/CVE-2018-16435 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-16435.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "lcms2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5tDBtQtoQdaGURIXIcUT2Q==": { "id": "5tDBtQtoQdaGURIXIcUT2Q==", "updater": "rhel-vex", "name": "CVE-2024-12085", "description": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.", "issued": "2025-01-14T15:06:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12085 https://bugzilla.redhat.com/show_bug.cgi?id=2330539 https://www.cve.org/CVERecord?id=CVE-2024-12085 https://nvd.nist.gov/vuln/detail/CVE-2024-12085 https://kb.cert.org/vuls/id/952657 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12085.json https://access.redhat.com/errata/RHSA-2025:0325", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-20.el8_10", "arch_op": "pattern match" }, "5ua2nLPHKNwa9EoB2ADuiQ==": { "id": "5ua2nLPHKNwa9EoB2ADuiQ==", "updater": "rhel-vex", "name": "CVE-2024-6923", "description": "A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.", "issued": "2024-08-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6923 https://bugzilla.redhat.com/show_bug.cgi?id=2302255 https://www.cve.org/CVERecord?id=CVE-2024-6923 https://nvd.nist.gov/vuln/detail/CVE-2024-6923 https://github.com/python/cpython/issues/121650 https://github.com/python/cpython/pull/122233 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6923.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "5x/ItUQpMkFxxiO3pm1+iw==": { "id": "5x/ItUQpMkFxxiO3pm1+iw==", "updater": "rhel-vex", "name": "CVE-2023-6918", "description": "A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6918 https://bugzilla.redhat.com/show_bug.cgi?id=2254997 https://www.cve.org/CVERecord?id=CVE-2023-6918 https://nvd.nist.gov/vuln/detail/CVE-2023-6918 https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ https://www.libssh.org/security/advisories/CVE-2023-6918.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6918.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "66v0aqTJ+rWKKSw9QM/UiQ==": { "id": "66v0aqTJ+rWKKSw9QM/UiQ==", "updater": "rhel-vex", "name": "CVE-2024-6345", "description": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.", "issued": "2024-07-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6345 https://bugzilla.redhat.com/show_bug.cgi?id=2297771 https://www.cve.org/CVERecord?id=CVE-2024-6345 https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6345.json https://access.redhat.com/errata/RHSA-2024:5530", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "python3-setuptools-wheel", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:39.2.0-8.el8_10", "arch_op": "pattern match" }, "6DLPak8GAuUaNtzh3oep9g==": { "id": "6DLPak8GAuUaNtzh3oep9g==", "updater": "rhel-vex", "name": "CVE-2023-0767", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://nvd.nist.gov/vuln/detail/CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0767.json https://access.redhat.com/errata/RHSA-2023:1252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nss-softokn-freebl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.79.0-11.el8_7", "arch_op": "pattern match" }, "6FP4s8wPa+Gv4e3xITF6rw==": { "id": "6FP4s8wPa+Gv4e3xITF6rw==", "updater": "rhel-vex", "name": "CVE-2023-32360", "description": "A vulnerability was found in OpenPrinting CUPS. Unauthorized users are permitted to fetch documents over local or remote networks, leading to confidentiality breach.", "issued": "2022-12-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32360 https://bugzilla.redhat.com/show_bug.cgi?id=2230495 https://www.cve.org/CVERecord?id=CVE-2023-32360 https://nvd.nist.gov/vuln/detail/CVE-2023-32360 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32360.json https://access.redhat.com/errata/RHSA-2023:4864", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-51.el8_8.1", "arch_op": "pattern match" }, "6FQUI3OxX4C5skWXKgq80Q==": { "id": "6FQUI3OxX4C5skWXKgq80Q==", "updater": "rhel-vex", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial of service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or calling the X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/show_bug.cgi?id=2181082 https://www.cve.org/CVERecord?id=CVE-2023-0464 https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://www.openssl.org/news/secadv/20230322.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0464.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6d8PbxNCvsQ81JDCp+EclQ==": { "id": "6d8PbxNCvsQ81JDCp+EclQ==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "6jCz/VrJ23VzfnqT5f5Srw==": { "id": "6jCz/VrJ23VzfnqT5f5Srw==", "updater": "rhel-vex", "name": "CVE-2016-3709", "description": "A Cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document.", "issued": "2016-08-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2016-3709 https://bugzilla.redhat.com/show_bug.cgi?id=2112766 https://www.cve.org/CVERecord?id=CVE-2016-3709 https://nvd.nist.gov/vuln/detail/CVE-2016-3709 https://security.access.redhat.com/data/csaf/v2/vex/2016/cve-2016-3709.json https://access.redhat.com/errata/RHSA-2022:7715", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8", "arch_op": "pattern match" }, "6miXGlAYo7AcRZhS83AtIQ==": { "id": "6miXGlAYo7AcRZhS83AtIQ==", "updater": "rhel-vex", "name": "CVE-2023-21843", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-01-17T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21843 https://bugzilla.redhat.com/show_bug.cgi?id=2160475 https://www.cve.org/CVERecord?id=CVE-2023-21843 https://nvd.nist.gov/vuln/detail/CVE-2023-21843 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21843.json https://access.redhat.com/errata/RHSA-2023:0192", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.6.0.10-3.el8_7", "arch_op": "pattern match" }, "6oX8p1ex/KW78EOzlmbqsg==": { "id": "6oX8p1ex/KW78EOzlmbqsg==", "updater": "rhel-vex", "name": "CVE-2025-27363", "description": "A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value, causing it to wrap around and allocate a heap buffer that is too small. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This issue could result in arbitrary code execution or other undefined behavior.", "issued": "2025-03-11T13:28:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27363 https://bugzilla.redhat.com/show_bug.cgi?id=2351357 https://www.cve.org/CVERecord?id=CVE-2025-27363 https://nvd.nist.gov/vuln/detail/CVE-2025-27363 https://www.facebook.com/security/advisories/cve-2025-27363 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27363.json https://access.redhat.com/errata/RHSA-2025:3421", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "freetype", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.1-10.el8_10", "arch_op": "pattern match" }, "73+OfODwepfBuK+I3748Fg==": { "id": "73+OfODwepfBuK+I3748Fg==", "updater": "rhel-vex", "name": "CVE-2018-19217", "description": "In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party", "issued": "2018-11-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-19217 https://bugzilla.redhat.com/show_bug.cgi?id=1652606 https://www.cve.org/CVERecord?id=CVE-2018-19217 https://nvd.nist.gov/vuln/detail/CVE-2018-19217 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-19217.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7C9fLvYVRJxFBN4CqCvk0A==": { "id": "7C9fLvYVRJxFBN4CqCvk0A==", "updater": "rhel-vex", "name": "CVE-2020-19187", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19187 https://bugzilla.redhat.com/show_bug.cgi?id=2234911 https://www.cve.org/CVERecord?id=CVE-2020-19187 https://nvd.nist.gov/vuln/detail/CVE-2020-19187 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19187.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7MunWMtYjSZc7Cw7Vl1WRw==": { "id": "7MunWMtYjSZc7Cw7Vl1WRw==", "updater": "rhel-vex", "name": "CVE-2021-35939", "description": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35939 https://bugzilla.redhat.com/show_bug.cgi?id=1964129 https://www.cve.org/CVERecord?id=CVE-2021-35939 https://nvd.nist.gov/vuln/detail/CVE-2021-35939 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35939.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "7NwS166PaZGi7M67yM58Gw==": { "id": "7NwS166PaZGi7M67yM58Gw==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "7SBwpQIypClesqN48zBoOA==": { "id": "7SBwpQIypClesqN48zBoOA==", "updater": "rhel-vex", "name": "CVE-2023-34241", "description": "A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient() in scheduler/client.c", "issued": "2023-06-22T11:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-34241 https://bugzilla.redhat.com/show_bug.cgi?id=2214914 https://www.cve.org/CVERecord?id=CVE-2023-34241 https://nvd.nist.gov/vuln/detail/CVE-2023-34241 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-34241.json https://access.redhat.com/errata/RHSA-2023:7165", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-54.el8_9", "arch_op": "pattern match" }, "7p+Ta4Uy+VyMwzbCK/ZUSA==": { "id": "7p+Ta4Uy+VyMwzbCK/ZUSA==", "updater": "rhel-vex", "name": "CVE-2025-49794", "description": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.", "issued": "2025-06-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-49794 https://bugzilla.redhat.com/show_bug.cgi?id=2372373 https://www.cve.org/CVERecord?id=CVE-2025-49794 https://nvd.nist.gov/vuln/detail/CVE-2025-49794 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-49794.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "81J+T1001q2+nKUZzY+w+Q==": { "id": "81J+T1001q2+nKUZzY+w+Q==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "86OIQgkTOTkmF1pPpJdY2g==": { "id": "86OIQgkTOTkmF1pPpJdY2g==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "86unVXyTxdffdcXWZTYw5g==": { "id": "86unVXyTxdffdcXWZTYw5g==", "updater": "rhel-vex", "name": "CVE-2023-0465", "description": "A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/show_bug.cgi?id=2182561 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0465.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8I2jFG8JRR+6+eqqYlXhAg==": { "id": "8I2jFG8JRR+6+eqqYlXhAg==", "updater": "rhel-vex", "name": "CVE-2018-20225", "description": "A vulnerability was found in python-pip due to a flaw in the --extra-index-url option, where it installs the version with the highest version number, even if the user intended to obtain a private package from a private index. Exploitation requires that the package does not already exist in the public index, allowing an attacker to place the package there with an arbitrary version number.", "issued": "2020-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20225 https://bugzilla.redhat.com/show_bug.cgi?id=1835736 https://www.cve.org/CVERecord?id=CVE-2018-20225 https://nvd.nist.gov/vuln/detail/CVE-2018-20225 https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20225.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8MEAnOTOISpJSkWi6WPfVw==": { "id": "8MEAnOTOISpJSkWi6WPfVw==", "updater": "rhel-vex", "name": "CVE-2024-2408", "description": "The RSA decryption implementation using PKCS#1 v1.5 padding in OpenSSL is vulnerable to a timing side-channel attack known as the Marvin Attack. This vulnerability arises because the execution time of the openssl_private_decrypt() function in PHP with OpenSSL varies based on whether a valid message is returned. This flaw allows an attacker to use these timing differences to decrypt captured ciphertexts or forge signatures, compromising the security of the encrypted data. \r\n\r\nThe vulnerability has been demonstrated through statistical analysis of execution times, confirming the presence of a side channel that can be leveraged in a Bleichenbacher-style attack.", "issued": "2024-06-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2408 https://bugzilla.redhat.com/show_bug.cgi?id=2270358 https://www.cve.org/CVERecord?id=CVE-2024-2408 https://nvd.nist.gov/vuln/detail/CVE-2024-2408 https://github.com/php/php-src/security/advisories/GHSA-hh26-4ppw-5864 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2408.json https://access.redhat.com/errata/RHSA-2023:7877", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-12.el8_9", "arch_op": "pattern match" }, "8RhiWuvrta/hRaUfUrb/oA==": { "id": "8RhiWuvrta/hRaUfUrb/oA==", "updater": "rhel-vex", "name": "CVE-2023-5388", "description": "It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens before any padding operations, it affects all padding modes: PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operation are affected.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5388 https://bugzilla.redhat.com/show_bug.cgi?id=2243644 https://www.cve.org/CVERecord?id=CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5388.json https://access.redhat.com/errata/RHSA-2024:0105", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn-freebl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-4.el8_9", "arch_op": "pattern match" }, "8Sec+JvKiQWGqYCOBdZhjg==": { "id": "8Sec+JvKiQWGqYCOBdZhjg==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8TFgFlUtgZLpn2Ire1885g==": { "id": "8TFgFlUtgZLpn2Ire1885g==", "updater": "rhel-vex", "name": "CVE-2023-6918", "description": "A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6918 https://bugzilla.redhat.com/show_bug.cgi?id=2254997 https://www.cve.org/CVERecord?id=CVE-2023-6918 https://nvd.nist.gov/vuln/detail/CVE-2023-6918 https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ https://www.libssh.org/security/advisories/CVE-2023-6918.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6918.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "8ZxbhBIT+9Mj99/XbMpLSQ==": { "id": "8ZxbhBIT+9Mj99/XbMpLSQ==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8j1slAUDk5hMt1Yun3UG9w==": { "id": "8j1slAUDk5hMt1Yun3UG9w==", "updater": "rhel-vex", "name": "CVE-2019-12900", "description": "A data integrity error was found in the bzip2 (User-space package) functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results (or corrupted data) as result of decompressing these files.", "issued": "2024-11-15T10:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12900 https://bugzilla.redhat.com/show_bug.cgi?id=2332075 https://www.cve.org/CVERecord?id=CVE-2019-12900 https://nvd.nist.gov/vuln/detail/CVE-2019-12900 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12900.json https://access.redhat.com/errata/RHSA-2024:8922", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "bzip2-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.0.6-27.el8_10", "arch_op": "pattern match" }, "8pGyaLRS1vu6mt0ZaJAg1w==": { "id": "8pGyaLRS1vu6mt0ZaJAg1w==", "updater": "rhel-vex", "name": "CVE-2021-40528", "description": "A flaw was found in libgcrypt's ElGamal implementation, where it allows plain text recovery. During the interaction between two cryptographic libraries, a certain combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. The highest threat from this vulnerability is to confidentiality.", "issued": "2021-07-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-40528 https://bugzilla.redhat.com/show_bug.cgi?id=2002816 https://www.cve.org/CVERecord?id=CVE-2021-40528 https://nvd.nist.gov/vuln/detail/CVE-2021-40528 https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13 https://eprint.iacr.org/2021/923 https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1 https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-40528.json https://access.redhat.com/errata/RHSA-2022:5311", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.8.5-7.el8_6", "arch_op": "pattern match" }, "8rKA8ZJ1GNONmSHAKpnyGA==": { "id": "8rKA8ZJ1GNONmSHAKpnyGA==", "updater": "rhel-vex", "name": "CVE-2023-2603", "description": "A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.", "issued": "2023-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2603 https://bugzilla.redhat.com/show_bug.cgi?id=2209113 https://www.cve.org/CVERecord?id=CVE-2023-2603 https://nvd.nist.gov/vuln/detail/CVE-2023-2603 https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2603.json https://access.redhat.com/errata/RHSA-2023:4524", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libcap", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.48-5.el8_8", "arch_op": "pattern match" }, "8rlUwwauzNJj5fxec9mB0w==": { "id": "8rlUwwauzNJj5fxec9mB0w==", "updater": "rhel-vex", "name": "CVE-2022-48564", "description": "A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48564 https://bugzilla.redhat.com/show_bug.cgi?id=2249750 https://www.cve.org/CVERecord?id=CVE-2022-48564 https://nvd.nist.gov/vuln/detail/CVE-2022-48564 https://bugs.python.org/issue42103 https://github.com/python/cpython/issues/86269 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48564.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "8rxYDEPu2XxazQ3cBUhX0Q==": { "id": "8rxYDEPu2XxazQ3cBUhX0Q==", "updater": "rhel-vex", "name": "CVE-2019-9923", "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", "issued": "2019-01-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9923 https://bugzilla.redhat.com/show_bug.cgi?id=1691764 https://www.cve.org/CVERecord?id=CVE-2019-9923 https://nvd.nist.gov/vuln/detail/CVE-2019-9923 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9923.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9+MWAgJGmCbODfE2C76Gqg==": { "id": "9+MWAgJGmCbODfE2C76Gqg==", "updater": "rhel-vex", "name": "CVE-2024-37371", "description": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.", "issued": "2024-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-37371 https://bugzilla.redhat.com/show_bug.cgi?id=2294676 https://www.cve.org/CVERecord?id=CVE-2024-37371 https://nvd.nist.gov/vuln/detail/CVE-2024-37371 https://web.mit.edu/kerberos/www/krb5-1.21/ https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-37371.json https://access.redhat.com/errata/RHSA-2024:5312", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-29.el8_10", "arch_op": "pattern match" }, "90371rURZTzvZV3upGEFLw==": { "id": "90371rURZTzvZV3upGEFLw==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "92hwasOdRT3Qwtdx3+Ymjg==": { "id": "92hwasOdRT3Qwtdx3+Ymjg==", "updater": "rhel-vex", "name": "CVE-2021-35938", "description": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35938 https://bugzilla.redhat.com/show_bug.cgi?id=1964114 https://www.cve.org/CVERecord?id=CVE-2021-35938 https://nvd.nist.gov/vuln/detail/CVE-2021-35938 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35938.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "9t+uB2Um3fkCqmFx87TgCA==": { "id": "9t+uB2Um3fkCqmFx87TgCA==", "updater": "rhel-vex", "name": "CVE-2023-39615", "description": "A flaw was found in Libxml2, where it contains a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a denial of service (DoS) by supplying a crafted XML file.", "issued": "2023-08-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39615 https://bugzilla.redhat.com/show_bug.cgi?id=2235864 https://www.cve.org/CVERecord?id=CVE-2023-39615 https://nvd.nist.gov/vuln/detail/CVE-2023-39615 https://gitlab.gnome.org/GNOME/libxml2/-/issues/535 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39615.json https://access.redhat.com/errata/RHSA-2024:0119", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_9", "arch_op": "pattern match" }, "9uK7ZDYgFtqP786n0QunAg==": { "id": "9uK7ZDYgFtqP786n0QunAg==", "updater": "rhel-vex", "name": "CVE-2023-39804", "description": "A flaw was found in tar. This issue occurs when extended attributes are processed in PAX archives, and could allow an attacker to cause an application crash, resulting in a denial of service.", "issued": "2023-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39804 https://bugzilla.redhat.com/show_bug.cgi?id=2254067 https://www.cve.org/CVERecord?id=CVE-2023-39804 https://nvd.nist.gov/vuln/detail/CVE-2023-39804 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39804.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "A0OZcibIaJ/I+PqV8GXB3w==": { "id": "A0OZcibIaJ/I+PqV8GXB3w==", "updater": "rhel-vex", "name": "CVE-2024-28182", "description": "A vulnerability was found in how nghttp2 implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute or memory resources to cause a Denial of Service.", "issued": "2024-04-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-28182 https://bugzilla.redhat.com/show_bug.cgi?id=2268639 https://www.cve.org/CVERecord?id=CVE-2024-28182 https://nvd.nist.gov/vuln/detail/CVE-2024-28182 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q https://nowotarski.info/http2-continuation-flood/ https://www.kb.cert.org/vuls/id/421644 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-28182.json https://access.redhat.com/errata/RHSA-2024:4252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libnghttp2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.33.0-6.el8_10.1", "arch_op": "pattern match" }, "A1D09TCsbOQVpq/+8WoQbg==": { "id": "A1D09TCsbOQVpq/+8WoQbg==", "updater": "rhel-vex", "name": "CVE-2024-52615", "description": "A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52615 https://bugzilla.redhat.com/show_bug.cgi?id=2326418 https://www.cve.org/CVERecord?id=CVE-2024-52615 https://nvd.nist.gov/vuln/detail/CVE-2024-52615 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52615.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "A1IysEc49jGXChmC+5b76A==": { "id": "A1IysEc49jGXChmC+5b76A==", "updater": "rhel-vex", "name": "CVE-2023-0767", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://nvd.nist.gov/vuln/detail/CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0767.json https://access.redhat.com/errata/RHSA-2023:1252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nss-util", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.79.0-11.el8_7", "arch_op": "pattern match" }, "A1bqcvx0EeeUlRO5lHUXHg==": { "id": "A1bqcvx0EeeUlRO5lHUXHg==", "updater": "rhel-vex", "name": "CVE-2023-28321", "description": "A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation.", "issued": "2023-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28321 https://bugzilla.redhat.com/show_bug.cgi?id=2196786 https://www.cve.org/CVERecord?id=CVE-2023-28321 https://nvd.nist.gov/vuln/detail/CVE-2023-28321 https://curl.se/docs/CVE-2023-28321.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28321.json https://access.redhat.com/errata/RHSA-2023:4523", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.3", "arch_op": "pattern match" }, "ABgR53RGqC9VvQwdxY9Jpg==": { "id": "ABgR53RGqC9VvQwdxY9Jpg==", "updater": "rhel-vex", "name": "CVE-2020-24736", "description": "A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-24736 https://bugzilla.redhat.com/show_bug.cgi?id=2186385 https://www.cve.org/CVERecord?id=CVE-2020-24736 https://nvd.nist.gov/vuln/detail/CVE-2020-24736 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-24736.json https://access.redhat.com/errata/RHSA-2023:3840", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-18.el8_8", "arch_op": "pattern match" }, "AE8Cp1u8I9t52OYW7oGU4w==": { "id": "AE8Cp1u8I9t52OYW7oGU4w==", "updater": "rhel-vex", "name": "CVE-2024-57970", "description": "A flaw was found in the libarchive library. A specially-crafted tar file may trigger a head-based buffer over-read condition due to incorrect handling of truncation in the middle of a long GNU linkname. This issue can cause an application crash leading to a denial of service.", "issued": "2025-02-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-57970 https://bugzilla.redhat.com/show_bug.cgi?id=2345954 https://www.cve.org/CVERecord?id=CVE-2024-57970 https://nvd.nist.gov/vuln/detail/CVE-2024-57970 https://github.com/libarchive/libarchive/issues/2415 https://github.com/libarchive/libarchive/pull/2422 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-57970.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AZQ9MHTiNLYiRU7sYZlVGw==": { "id": "AZQ9MHTiNLYiRU7sYZlVGw==", "updater": "rhel-vex", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.", "issued": "2022-07-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4899 https://bugzilla.redhat.com/show_bug.cgi?id=2179864 https://www.cve.org/CVERecord?id=CVE-2022-4899 https://nvd.nist.gov/vuln/detail/CVE-2022-4899 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4899.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AtFl3bqWHcHaJ9RHQ9OsXA==": { "id": "AtFl3bqWHcHaJ9RHQ9OsXA==", "updater": "rhel-vex", "name": "CVE-2025-24928", "description": "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-24928 https://bugzilla.redhat.com/show_bug.cgi?id=2346421 https://www.cve.org/CVERecord?id=CVE-2025-24928 https://nvd.nist.gov/vuln/detail/CVE-2025-24928 https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://issues.oss-fuzz.com/issues/392687022 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-24928.json https://access.redhat.com/errata/RHSA-2025:2686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-19.el8_10", "arch_op": "pattern match" }, "AtxldZcGaOo56ns2r72+MQ==": { "id": "AtxldZcGaOo56ns2r72+MQ==", "updater": "rhel-vex", "name": "CVE-2024-25062", "description": "A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "issued": "2024-02-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25062 https://bugzilla.redhat.com/show_bug.cgi?id=2262726 https://www.cve.org/CVERecord?id=CVE-2024-25062 https://nvd.nist.gov/vuln/detail/CVE-2024-25062 https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 https://gitlab.gnome.org/GNOME/libxml2/-/tags https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25062.json https://access.redhat.com/errata/RHSA-2024:3626", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_10.1", "arch_op": "pattern match" }, "AwJQXoUVWSbzJ5znc4qglQ==": { "id": "AwJQXoUVWSbzJ5znc4qglQ==", "updater": "rhel-vex", "name": "CVE-2023-40217", "description": "Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible.", "issued": "2023-08-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-40217 https://bugzilla.redhat.com/show_bug.cgi?id=2235789 https://www.cve.org/CVERecord?id=CVE-2023-40217 https://nvd.nist.gov/vuln/detail/CVE-2023-40217 https://github.com/python/cpython/issues/108310 https://github.com/python/cpython/pull/108315 https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-40217.json https://access.redhat.com/errata/RHSA-2023:5997", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.2", "arch_op": "pattern match" }, "B3GLjxsk0fvju/+IzG5Prg==": { "id": "B3GLjxsk0fvju/+IzG5Prg==", "updater": "rhel-vex", "name": "CVE-2023-6918", "description": "A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6918 https://bugzilla.redhat.com/show_bug.cgi?id=2254997 https://www.cve.org/CVERecord?id=CVE-2023-6918 https://nvd.nist.gov/vuln/detail/CVE-2023-6918 https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ https://www.libssh.org/security/advisories/CVE-2023-6918.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6918.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "B793JwKYVpka9SzQJ95f0A==": { "id": "B793JwKYVpka9SzQJ95f0A==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "B8ElLRneqJ2ZPPQyvG1LJA==": { "id": "B8ElLRneqJ2ZPPQyvG1LJA==", "updater": "rhel-vex", "name": "CVE-2022-32206", "description": "A vulnerability was found in curl. This issue occurs because the number of acceptable \"links\" in the \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a malicious actor.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32206 https://bugzilla.redhat.com/show_bug.cgi?id=2099300 https://www.cve.org/CVERecord?id=CVE-2022-32206 https://nvd.nist.gov/vuln/detail/CVE-2022-32206 https://curl.se/docs/CVE-2022-32206.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32206.json https://access.redhat.com/errata/RHSA-2022:6159", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.4", "arch_op": "pattern match" }, "BJ3b2nevq6iK1UCd/7G48A==": { "id": "BJ3b2nevq6iK1UCd/7G48A==", "updater": "rhel-vex", "name": "CVE-2022-42011", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42011 https://bugzilla.redhat.com/show_bug.cgi?id=2133617 https://www.cve.org/CVERecord?id=CVE-2022-42011 https://nvd.nist.gov/vuln/detail/CVE-2022-42011 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42011.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "BLUjU87+rjkM4Sizx1Jxvw==": { "id": "BLUjU87+rjkM4Sizx1Jxvw==", "updater": "rhel-vex", "name": "CVE-2024-0450", "description": "A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0450 https://bugzilla.redhat.com/show_bug.cgi?id=2276525 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://nvd.nist.gov/vuln/detail/CVE-2024-0450 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0450.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "BUzSiF4P8l2fba8+4vytIw==": { "id": "BUzSiF4P8l2fba8+4vytIw==", "updater": "rhel-vex", "name": "CVE-2023-1667", "description": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "issued": "2023-04-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1667 https://bugzilla.redhat.com/show_bug.cgi?id=2182199 https://www.cve.org/CVERecord?id=CVE-2023-1667 https://nvd.nist.gov/vuln/detail/CVE-2023-1667 http://www.libssh.org/security/advisories/CVE-2023-1667.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1667.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "BWBAL8HBA2f4WVVXqszTNw==": { "id": "BWBAL8HBA2f4WVVXqszTNw==", "updater": "rhel-vex", "name": "CVE-2020-19188", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19188 https://bugzilla.redhat.com/show_bug.cgi?id=2234913 https://www.cve.org/CVERecord?id=CVE-2020-19188 https://nvd.nist.gov/vuln/detail/CVE-2020-19188 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19188.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Bhp1hmpBG//cJMEH3DeGGQ==": { "id": "Bhp1hmpBG//cJMEH3DeGGQ==", "updater": "rhel-vex", "name": "CVE-2024-26458", "description": "A memory leak flaw was found in krb5 in /krb5/src/lib/rpc/pmap_rmt.c. This issue can lead to a denial of service through memory exhaustion.", "issued": "2024-02-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://www.cve.org/CVERecord?id=CVE-2024-26458 https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-26458.json https://access.redhat.com/errata/RHSA-2024:3268", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-27.el8_10", "arch_op": "pattern match" }, "BooDzA4nzaDI1l3E5zAHgg==": { "id": "BooDzA4nzaDI1l3E5zAHgg==", "updater": "rhel-vex", "name": "CVE-2021-3997", "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "issued": "2022-01-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://www.cve.org/CVERecord?id=CVE-2021-3997 https://nvd.nist.gov/vuln/detail/CVE-2021-3997 https://www.openwall.com/lists/oss-security/2022/01/10/2 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3997.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "C+0ShvpHz/LJ1gnkur/F4g==": { "id": "C+0ShvpHz/LJ1gnkur/F4g==", "updater": "rhel-vex", "name": "CVE-2015-20107", "description": "A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input.", "issued": "2015-08-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2015-20107 https://bugzilla.redhat.com/show_bug.cgi?id=2075390 https://www.cve.org/CVERecord?id=CVE-2015-20107 https://nvd.nist.gov/vuln/detail/CVE-2015-20107 https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html https://security.access.redhat.com/data/csaf/v2/vex/2015/cve-2015-20107.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "C+M5Fz7OtMa7mj9LZ6bxFw==": { "id": "C+M5Fz7OtMa7mj9LZ6bxFw==", "updater": "rhel-vex", "name": "CVE-2022-48560", "description": "A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48560 https://bugzilla.redhat.com/show_bug.cgi?id=2249755 https://www.cve.org/CVERecord?id=CVE-2022-48560 https://nvd.nist.gov/vuln/detail/CVE-2022-48560 https://bugs.python.org/issue39421 https://github.com/python/cpython/issues/83602 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48560.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "CDirM24yx1UPPl5o027PMw==": { "id": "CDirM24yx1UPPl5o027PMw==", "updater": "rhel-vex", "name": "CVE-2024-12243", "description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "issued": "2025-02-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12243 https://bugzilla.redhat.com/show_bug.cgi?id=2344615 https://www.cve.org/CVERecord?id=CVE-2024-12243 https://nvd.nist.gov/vuln/detail/CVE-2024-12243 https://gitlab.com/gnutls/libtasn1/-/issues/52 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12243.json https://access.redhat.com/errata/RHSA-2025:4051", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_10.3", "arch_op": "pattern match" }, "COtHtAUMk7T3/UH/P0P8Bg==": { "id": "COtHtAUMk7T3/UH/P0P8Bg==", "updater": "rhel-vex", "name": "CVE-2022-42011", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42011 https://bugzilla.redhat.com/show_bug.cgi?id=2133617 https://www.cve.org/CVERecord?id=CVE-2022-42011 https://nvd.nist.gov/vuln/detail/CVE-2022-42011 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42011.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "CXmq6PlgBV6WEbOmhzfuVg==": { "id": "CXmq6PlgBV6WEbOmhzfuVg==", "updater": "rhel-vex", "name": "CVE-2020-35525", "description": "A NULL pointer dereference flaw was found in select.c of SQLite. An out-of-memory error occurs while an early out on the INTERSECT query is processing. This flaw allows an attacker to execute a potential NULL pointer dereference.", "issued": "2020-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35525 https://bugzilla.redhat.com/show_bug.cgi?id=2122324 https://www.cve.org/CVERecord?id=CVE-2020-35525 https://nvd.nist.gov/vuln/detail/CVE-2020-35525 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35525.json https://access.redhat.com/errata/RHSA-2022:7108", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-16.el8_6", "arch_op": "pattern match" }, "Ci/HAvcdDokxp0qRBpn32g==": { "id": "Ci/HAvcdDokxp0qRBpn32g==", "updater": "rhel-vex", "name": "CVE-2023-23916", "description": "A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors.", "issued": "2023-02-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-23916 https://bugzilla.redhat.com/show_bug.cgi?id=2167815 https://www.cve.org/CVERecord?id=CVE-2023-23916 https://nvd.nist.gov/vuln/detail/CVE-2023-23916 https://curl.se/docs/CVE-2023-23916.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-23916.json https://access.redhat.com/errata/RHSA-2023:1140", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-25.el8_7.3", "arch_op": "pattern match" }, "D9+NOlBi6FX8NJhT8oVHcA==": { "id": "D9+NOlBi6FX8NJhT8oVHcA==", "updater": "rhel-vex", "name": "CVE-2024-45490", "description": "A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.", "issued": "2024-08-30T03:15:03Z", "links": "https://access.redhat.com/security/cve/CVE-2024-45490 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://www.cve.org/CVERecord?id=CVE-2024-45490 https://nvd.nist.gov/vuln/detail/CVE-2024-45490 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/887 https://github.com/libexpat/libexpat/pull/890 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-45490.json https://access.redhat.com/errata/RHSA-2024:6989", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-15.el8_10", "arch_op": "pattern match" }, "DHL638g8uJ4meOJCV40ygw==": { "id": "DHL638g8uJ4meOJCV40ygw==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "DKe3Snv9XIl2dqqQ4ty0VA==": { "id": "DKe3Snv9XIl2dqqQ4ty0VA==", "updater": "rhel-vex", "name": "CVE-2023-27043", "description": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.", "issued": "2023-04-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27043 https://bugzilla.redhat.com/show_bug.cgi?id=2196183 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://nvd.nist.gov/vuln/detail/CVE-2023-27043 https://access.redhat.com/articles/7051467 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27043.json https://access.redhat.com/errata/RHSA-2024:0256", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.3", "arch_op": "pattern match" }, "Dl5IWlE36LXQNZFom7AfiA==": { "id": "Dl5IWlE36LXQNZFom7AfiA==", "updater": "rhel-vex", "name": "CVE-2023-34241", "description": "A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient() in scheduler/client.c", "issued": "2023-06-22T11:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-34241 https://bugzilla.redhat.com/show_bug.cgi?id=2214914 https://www.cve.org/CVERecord?id=CVE-2023-34241 https://nvd.nist.gov/vuln/detail/CVE-2023-34241 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-34241.json https://access.redhat.com/errata/RHSA-2023:7165", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-54.el8_9", "arch_op": "pattern match" }, "Dn8FqzmeTA8CSJ0ia2P9gg==": { "id": "Dn8FqzmeTA8CSJ0ia2P9gg==", "updater": "rhel-vex", "name": "CVE-2022-35737", "description": "An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application and perform a denial of service (DoS) attack.", "issued": "2022-07-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-35737 https://bugzilla.redhat.com/show_bug.cgi?id=2110291 https://www.cve.org/CVERecord?id=CVE-2022-35737 https://nvd.nist.gov/vuln/detail/CVE-2022-35737 https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/ https://www.sqlite.org/releaselog/3_39_2.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-35737.json https://access.redhat.com/errata/RHSA-2023:0110", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-17.el8_7", "arch_op": "pattern match" }, "DwHVu3OgkuXRIoJ6gZPduA==": { "id": "DwHVu3OgkuXRIoJ6gZPduA==", "updater": "rhel-vex", "name": "CVE-2022-4415", "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "issued": "2022-12-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4415 https://bugzilla.redhat.com/show_bug.cgi?id=2155515 https://www.cve.org/CVERecord?id=CVE-2022-4415 https://nvd.nist.gov/vuln/detail/CVE-2022-4415 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4415.json https://access.redhat.com/errata/RHSA-2023:0837", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:239-68.el8_7.4", "arch_op": "pattern match" }, "DxJuN04StbTZ4XMcl6OLtA==": { "id": "DxJuN04StbTZ4XMcl6OLtA==", "updater": "rhel-vex", "name": "CVE-2023-0767", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://nvd.nist.gov/vuln/detail/CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0767.json https://access.redhat.com/errata/RHSA-2023:1252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nss-softokn", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.79.0-11.el8_7", "arch_op": "pattern match" }, "EKs36DFwHVCzU/cF0Be9pQ==": { "id": "EKs36DFwHVCzU/cF0Be9pQ==", "updater": "rhel-vex", "name": "CVE-2023-29499", "description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29499 https://bugzilla.redhat.com/show_bug.cgi?id=2211828 https://www.cve.org/CVERecord?id=CVE-2023-29499 https://nvd.nist.gov/vuln/detail/CVE-2023-29499 https://gitlab.gnome.org/GNOME/glib/-/issues/2794 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29499.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EQ4eP3gKo3y8JsWUiWr6+g==": { "id": "EQ4eP3gKo3y8JsWUiWr6+g==", "updater": "rhel-vex", "name": "CVE-2018-1000880", "description": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000880 https://bugzilla.redhat.com/show_bug.cgi?id=1663892 https://www.cve.org/CVERecord?id=CVE-2018-1000880 https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000880.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ERrMXj3isUPJ9ur1x/Fxqg==": { "id": "ERrMXj3isUPJ9ur1x/Fxqg==", "updater": "rhel-vex", "name": "CVE-2023-0361", "description": "A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0361 https://bugzilla.redhat.com/show_bug.cgi?id=2162596 https://www.cve.org/CVERecord?id=CVE-2023-0361 https://nvd.nist.gov/vuln/detail/CVE-2023-0361 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0361.json https://access.redhat.com/errata/RHSA-2023:1569", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-6.el8_7", "arch_op": "pattern match" }, "ETRAxjVLst09hXUl8FldTw==": { "id": "ETRAxjVLst09hXUl8FldTw==", "updater": "rhel-vex", "name": "CVE-2023-2283", "description": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.", "issued": "2023-05-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2283 https://bugzilla.redhat.com/show_bug.cgi?id=2189736 https://www.cve.org/CVERecord?id=CVE-2023-2283 https://nvd.nist.gov/vuln/detail/CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2283.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "EZ4/6xWzQBrHyWAxzOqWog==": { "id": "EZ4/6xWzQBrHyWAxzOqWog==", "updater": "rhel-vex", "name": "CVE-2023-6004", "description": "A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6004 https://bugzilla.redhat.com/show_bug.cgi?id=2251110 https://www.cve.org/CVERecord?id=CVE-2023-6004 https://nvd.nist.gov/vuln/detail/CVE-2023-6004 https://www.libssh.org/security/advisories/CVE-2023-6004.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6004.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "Ea8F2bdzmo0QmE5VcHagUQ==": { "id": "Ea8F2bdzmo0QmE5VcHagUQ==", "updater": "rhel-vex", "name": "CVE-2019-12900", "description": "A data integrity error was found in the bzip2 (User-space package) functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results (or corrupted data) as result of decompressing these files.", "issued": "2024-11-15T10:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12900 https://bugzilla.redhat.com/show_bug.cgi?id=2332075 https://www.cve.org/CVERecord?id=CVE-2019-12900 https://nvd.nist.gov/vuln/detail/CVE-2019-12900 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12900.json https://access.redhat.com/errata/RHSA-2025:0733", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "bzip2-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.0.6-28.el8_10", "arch_op": "pattern match" }, "EiJx6rOT8KoLX+Wu7/N6HQ==": { "id": "EiJx6rOT8KoLX+Wu7/N6HQ==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiL50P2QSOoRA18XAAH6Pg==": { "id": "EiL50P2QSOoRA18XAAH6Pg==", "updater": "rhel-vex", "name": "CVE-2023-32665", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32665 https://bugzilla.redhat.com/show_bug.cgi?id=2211827 https://www.cve.org/CVERecord?id=CVE-2023-32665 https://nvd.nist.gov/vuln/detail/CVE-2023-32665 https://gitlab.gnome.org/GNOME/glib/-/issues/2121 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32665.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FBpZBP7e7f2BzSjJ+ifgBQ==": { "id": "FBpZBP7e7f2BzSjJ+ifgBQ==", "updater": "rhel-vex", "name": "CVE-2023-5388", "description": "It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens before any padding operations, it affects all padding modes: PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operation are affected.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5388 https://bugzilla.redhat.com/show_bug.cgi?id=2243644 https://www.cve.org/CVERecord?id=CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5388.json https://access.redhat.com/errata/RHSA-2024:0105", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-4.el8_9", "arch_op": "pattern match" }, "FCW5vXKA2+ORD2+pWU1nlg==": { "id": "FCW5vXKA2+ORD2+pWU1nlg==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "FJHSWZFQM9fVMQc3QtVQPw==": { "id": "FJHSWZFQM9fVMQc3QtVQPw==", "updater": "rhel-vex", "name": "CVE-2021-33294", "description": "A flaw was found in the elfutils tools package. An infinite loop is possible in the handle_symtab function in readelf.c, which may lead to a denial of service.\n\nA vulnerability was found in Elfutils, where an infinite loop in the handle_symtab function within readelf.c can lead to a denial of service, causing the application to become unresponsive and consume excessive system resources indefinitely.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-33294 https://bugzilla.redhat.com/show_bug.cgi?id=2223918 https://www.cve.org/CVERecord?id=CVE-2021-33294 https://nvd.nist.gov/vuln/detail/CVE-2021-33294 https://sourceware.org/bugzilla/show_bug.cgi?id=27501 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-33294.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "elfutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FKQTXMln7RVZ8Bvso0uw+g==": { "id": "FKQTXMln7RVZ8Bvso0uw+g==", "updater": "rhel-vex", "name": "CVE-2023-46218", "description": "A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set \"super cookies\" in curl that are passed back to more origins than what is otherwise allowed or possible.", "issued": "2023-12-06T07:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-46218 https://bugzilla.redhat.com/show_bug.cgi?id=2252030 https://www.cve.org/CVERecord?id=CVE-2023-46218 https://nvd.nist.gov/vuln/detail/CVE-2023-46218 https://curl.se/docs/CVE-2023-46218.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-46218.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "Fcnpx41i8off67HnLCjD6g==": { "id": "Fcnpx41i8off67HnLCjD6g==", "updater": "rhel-vex", "name": "CVE-2021-46848", "description": "An out-of-bounds read flaw was found in Libtasn1 due to an ETYPE_OK off-by-one error in the asn1_encode_simple_der() function. This flaw allows a remote attacker to pass specially crafted data or invalid values to the application, triggering an off-by-one error, corrupting the memory, and possibly performing a denial of service (DoS) attack.", "issued": "2022-10-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-46848 https://bugzilla.redhat.com/show_bug.cgi?id=2140058 https://www.cve.org/CVERecord?id=CVE-2021-46848 https://nvd.nist.gov/vuln/detail/CVE-2021-46848 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-46848.json https://access.redhat.com/errata/RHSA-2023:0116", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.13-4.el8_7", "arch_op": "pattern match" }, "Fppidu+wYiM99PLiUOgZWg==": { "id": "Fppidu+wYiM99PLiUOgZWg==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "FzMHDyPt7UleDzkFzsCMrg==": { "id": "FzMHDyPt7UleDzkFzsCMrg==", "updater": "rhel-vex", "name": "CVE-2024-6602", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6602 https://bugzilla.redhat.com/show_bug.cgi?id=2296637 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://nvd.nist.gov/vuln/detail/CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6602.json https://access.redhat.com/errata/RHBA-2024:6680", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.101.0-7.el8_8", "arch_op": "pattern match" }, "G0+1xEPWjgkrJRsbMDuWXg==": { "id": "G0+1xEPWjgkrJRsbMDuWXg==", "updater": "rhel-vex", "name": "CVE-2022-21541", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).", "issued": "2022-07-19T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21541 https://bugzilla.redhat.com/show_bug.cgi?id=2108543 https://www.cve.org/CVERecord?id=CVE-2022-21541 https://nvd.nist.gov/vuln/detail/CVE-2022-21541 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21541.json https://access.redhat.com/errata/RHSA-2022:5726", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.4.0.8-2.el8_6", "arch_op": "pattern match" }, "G6QnC6Ht4tbSnRDjV4i1vA==": { "id": "G6QnC6Ht4tbSnRDjV4i1vA==", "updater": "rhel-vex", "name": "CVE-2020-19189", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19189 https://bugzilla.redhat.com/show_bug.cgi?id=2234926 https://www.cve.org/CVERecord?id=CVE-2020-19189 https://nvd.nist.gov/vuln/detail/CVE-2020-19189 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19189.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "G7IyfoPhe9f8QzIGbOfn7Q==": { "id": "G7IyfoPhe9f8QzIGbOfn7Q==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GAvIYzeuCDnfsiqzVSRXSQ==": { "id": "GAvIYzeuCDnfsiqzVSRXSQ==", "updater": "rhel-vex", "name": "CVE-2025-21587", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "issued": "2025-04-15T21:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-21587 https://bugzilla.redhat.com/show_bug.cgi?id=2359695 https://www.cve.org/CVERecord?id=CVE-2025-21587 https://nvd.nist.gov/vuln/detail/CVE-2025-21587 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-21587.json https://access.redhat.com/errata/RHSA-2025:3852", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.15.0.6-2.el8", "arch_op": "pattern match" }, "GC0PrHyRUgy0CoSA0ZEcAg==": { "id": "GC0PrHyRUgy0CoSA0ZEcAg==", "updater": "rhel-vex", "name": "CVE-2024-20952", "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20952 https://bugzilla.redhat.com/show_bug.cgi?id=2257837 https://www.cve.org/CVERecord?id=CVE-2024-20952 https://nvd.nist.gov/vuln/detail/CVE-2024-20952 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20952.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "GFCdJ9nfiEZweptVRgkFWg==": { "id": "GFCdJ9nfiEZweptVRgkFWg==", "updater": "rhel-vex", "name": "CVE-2025-31344", "description": "A flaw was found in the gif2rgb utility of giflib. This vulnerability allows an attacker to cause a heap-based buffer overflow via crafted GIF files. The issue arises due to improper handling of certain GIF image data, leading to memory corruption.​", "issued": "2025-04-14T07:49:36Z", "links": "https://access.redhat.com/security/cve/CVE-2025-31344 https://bugzilla.redhat.com/show_bug.cgi?id=2359418 https://www.cve.org/CVERecord?id=CVE-2025-31344 https://nvd.nist.gov/vuln/detail/CVE-2025-31344 https://gitee.com/src-openeuler/giflib/pulls/54 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1292 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-31344.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "GnTTW6G1l3dAlgCF3plXLg==": { "id": "GnTTW6G1l3dAlgCF3plXLg==", "updater": "rhel-vex", "name": "CVE-2024-11168", "description": "A flaw was found in Python. The `urllib.parse.urlsplit()` and `urlparse()` functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery (SSRF) if a URL is processed by more than one URL parser.", "issued": "2024-11-12T21:22:23Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11168 https://bugzilla.redhat.com/show_bug.cgi?id=2325776 https://www.cve.org/CVERecord?id=CVE-2024-11168 https://nvd.nist.gov/vuln/detail/CVE-2024-11168 https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5 https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550 https://github.com/python/cpython/issues/103848 https://github.com/python/cpython/pull/103849 https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11168.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "GwvwH1WAYCMvkkUHPbMGGQ==": { "id": "GwvwH1WAYCMvkkUHPbMGGQ==", "updater": "rhel-vex", "name": "CVE-2020-11023", "description": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "issued": "2020-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-11023 https://bugzilla.redhat.com/show_bug.cgi?id=1850004 https://www.cve.org/CVERecord?id=CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-11023.json https://access.redhat.com/errata/RHSA-2025:1301", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:8.5.0-23.el8_10", "arch_op": "pattern match" }, "H2CablNBrQ/I5AsUjk5xyw==": { "id": "H2CablNBrQ/I5AsUjk5xyw==", "updater": "rhel-vex", "name": "CVE-2018-20839", "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.", "issued": "2019-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20839 https://bugzilla.redhat.com/show_bug.cgi?id=1716955 https://www.cve.org/CVERecord?id=CVE-2018-20839 https://nvd.nist.gov/vuln/detail/CVE-2018-20839 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20839.json", "severity": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HGutNBOBI3bGwUTGbCk+Dw==": { "id": "HGutNBOBI3bGwUTGbCk+Dw==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "HKS2QL87HxGZ+kNv9Ohv6A==": { "id": "HKS2QL87HxGZ+kNv9Ohv6A==", "updater": "rhel-vex", "name": "CVE-2021-4217", "description": "A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.", "issued": "2022-01-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4217 https://bugzilla.redhat.com/show_bug.cgi?id=2044583 https://www.cve.org/CVERecord?id=CVE-2021-4217 https://nvd.nist.gov/vuln/detail/CVE-2021-4217 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4217.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "unzip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HKrLnQyTw1292mNt3MQ0aQ==": { "id": "HKrLnQyTw1292mNt3MQ0aQ==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HTk+AAyRWNCrZTtBLx34Aw==": { "id": "HTk+AAyRWNCrZTtBLx34Aw==", "updater": "rhel-vex", "name": "CVE-2024-25260", "description": "A NULL pointer dereference vulnerability in the elfutils library has been discovered. This vulnerability occurs within the handle_verdef() function in the readelf.c source file. A NULL pointer dereference typically happens when a program attempts to access memory using a pointer that is not pointing anywhere (i.e., it's NULL), leading to a crash or potentially exploitable behavior.", "issued": "2024-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25260 https://bugzilla.redhat.com/show_bug.cgi?id=2265194 https://www.cve.org/CVERecord?id=CVE-2024-25260 https://nvd.nist.gov/vuln/detail/CVE-2024-25260 https://github.com/schsiung/fuzzer_issues/issues/1 https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/elfutils/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25260.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "elfutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "He2qeG6pnwyLDPZ0Ymi+8Q==": { "id": "He2qeG6pnwyLDPZ0Ymi+8Q==", "updater": "rhel-vex", "name": "CVE-2025-21502", "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2025-01-21T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-21502 https://bugzilla.redhat.com/show_bug.cgi?id=2338992 https://www.cve.org/CVERecord?id=CVE-2025-21502 https://nvd.nist.gov/vuln/detail/CVE-2025-21502 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-21502.json https://access.redhat.com/errata/RHSA-2025:0422", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.14.0.7-3.el8", "arch_op": "pattern match" }, "HfZUhYy0Js3tgtxy1156zQ==": { "id": "HfZUhYy0Js3tgtxy1156zQ==", "updater": "rhel-vex", "name": "CVE-2023-6135", "description": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.", "issued": "2023-12-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6135 https://bugzilla.redhat.com/show_bug.cgi?id=2249906 https://www.cve.org/CVERecord?id=CVE-2023-6135 https://nvd.nist.gov/vuln/detail/CVE-2023-6135 https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6135.json https://access.redhat.com/errata/RHSA-2024:0786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-6.el8_9", "arch_op": "pattern match" }, "HsgdR+ZUz/buofS6xN/cdA==": { "id": "HsgdR+ZUz/buofS6xN/cdA==", "updater": "rhel-vex", "name": "CVE-2023-6004", "description": "A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6004 https://bugzilla.redhat.com/show_bug.cgi?id=2251110 https://www.cve.org/CVERecord?id=CVE-2023-6004 https://nvd.nist.gov/vuln/detail/CVE-2023-6004 https://www.libssh.org/security/advisories/CVE-2023-6004.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6004.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "I/ciDFfxIabKbBVHg7M38w==": { "id": "I/ciDFfxIabKbBVHg7M38w==", "updater": "rhel-vex", "name": "CVE-2025-50181", "description": "No description is available for this CVE.", "issued": "2025-06-19T01:08:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50181 https://bugzilla.redhat.com/show_bug.cgi?id=2373799 https://www.cve.org/CVERecord?id=CVE-2025-50181 https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50181.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "I2Zt9YsHD1yGZzClxwi8Nw==": { "id": "I2Zt9YsHD1yGZzClxwi8Nw==", "updater": "rhel-vex", "name": "CVE-2023-39615", "description": "A flaw was found in Libxml2, where it contains a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a denial of service (DoS) by supplying a crafted XML file.", "issued": "2023-08-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39615 https://bugzilla.redhat.com/show_bug.cgi?id=2235864 https://www.cve.org/CVERecord?id=CVE-2023-39615 https://nvd.nist.gov/vuln/detail/CVE-2023-39615 https://gitlab.gnome.org/GNOME/libxml2/-/issues/535 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39615.json https://access.redhat.com/errata/RHSA-2024:0119", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_9", "arch_op": "pattern match" }, "IBwplA8saI0ZfUheNf3v8w==": { "id": "IBwplA8saI0ZfUheNf3v8w==", "updater": "rhel-vex", "name": "CVE-2024-12086", "description": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.", "issued": "2025-01-14T15:06:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12086 https://bugzilla.redhat.com/show_bug.cgi?id=2330577 https://www.cve.org/CVERecord?id=CVE-2024-12086 https://nvd.nist.gov/vuln/detail/CVE-2024-12086 https://kb.cert.org/vuls/id/952657 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12086.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "rsync", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ICMgLhb2hrTu4aoZgv4OJg==": { "id": "ICMgLhb2hrTu4aoZgv4OJg==", "updater": "rhel-vex", "name": "CVE-2024-12747", "description": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.", "issued": "2025-01-14T15:06:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12747 https://bugzilla.redhat.com/show_bug.cgi?id=2332968 https://www.cve.org/CVERecord?id=CVE-2024-12747 https://nvd.nist.gov/vuln/detail/CVE-2024-12747 https://kb.cert.org/vuls/id/952657 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12747.json https://access.redhat.com/errata/RHSA-2025:2600", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-21.el8_10", "arch_op": "pattern match" }, "IEMHgBMw35D4hXSAa095xA==": { "id": "IEMHgBMw35D4hXSAa095xA==", "updater": "rhel-vex", "name": "CVE-2023-37920", "description": "A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector.", "issued": "2023-07-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-37920 https://bugzilla.redhat.com/show_bug.cgi?id=2226586 https://www.cve.org/CVERecord?id=CVE-2023-37920 https://nvd.nist.gov/vuln/detail/CVE-2023-37920 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-37920.json https://access.redhat.com/errata/RHBA-2024:5736", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "ca-certificates", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch|src", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2024.2.69_v8.0.303-80.0.el8_10", "arch_op": "pattern match" }, "IJS3b296QT7Z41aaGzQcDg==": { "id": "IJS3b296QT7Z41aaGzQcDg==", "updater": "rhel-vex", "name": "CVE-2023-38471", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38471 https://bugzilla.redhat.com/show_bug.cgi?id=2191691 https://www.cve.org/CVERecord?id=CVE-2023-38471 https://nvd.nist.gov/vuln/detail/CVE-2023-38471 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38471.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "ILRkBDacA/Hq8lS4vwmUQw==": { "id": "ILRkBDacA/Hq8lS4vwmUQw==", "updater": "rhel-vex", "name": "CVE-2024-12133", "description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "issued": "2025-02-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12133 https://bugzilla.redhat.com/show_bug.cgi?id=2344611 https://www.cve.org/CVERecord?id=CVE-2024-12133 https://nvd.nist.gov/vuln/detail/CVE-2024-12133 https://gitlab.com/gnutls/libtasn1/-/issues/52 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12133.json https://access.redhat.com/errata/RHSA-2025:4049", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.13-5.el8_10", "arch_op": "pattern match" }, "IQWSy6l9QPBAEUX4RIP13A==": { "id": "IQWSy6l9QPBAEUX4RIP13A==", "updater": "rhel-vex", "name": "CVE-2020-11023", "description": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "issued": "2020-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-11023 https://bugzilla.redhat.com/show_bug.cgi?id=1850004 https://www.cve.org/CVERecord?id=CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-11023.json https://access.redhat.com/errata/RHSA-2025:1301", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libstdc++", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:8.5.0-23.el8_10", "arch_op": "pattern match" }, "Iw/8/Ghx1xANXejV7+z8Zg==": { "id": "Iw/8/Ghx1xANXejV7+z8Zg==", "updater": "rhel-vex", "name": "CVE-2024-28834", "description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "issued": "2024-03-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-28834 https://bugzilla.redhat.com/show_bug.cgi?id=2269228 https://www.cve.org/CVERecord?id=CVE-2024-28834 https://nvd.nist.gov/vuln/detail/CVE-2024-28834 https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html https://minerva.crocs.fi.muni.cz/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-28834.json https://access.redhat.com/errata/RHSA-2024:1784", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9.3", "arch_op": "pattern match" }, "J6V4je3mZjkDf/lc+6NV1Q==": { "id": "J6V4je3mZjkDf/lc+6NV1Q==", "updater": "rhel-vex", "name": "CVE-2024-21210", "description": "Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2024-10-15T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21210 https://bugzilla.redhat.com/show_bug.cgi?id=2318524 https://www.cve.org/CVERecord?id=CVE-2024-21210 https://nvd.nist.gov/vuln/detail/CVE-2024-21210 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21210.json https://access.redhat.com/errata/RHSA-2024:8124", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.13.0.11-3.el8", "arch_op": "pattern match" }, "JIDV1pvncNzhtgdgLparmg==": { "id": "JIDV1pvncNzhtgdgLparmg==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "JNUrKI0zZxKRrBrBzoBLMQ==": { "id": "JNUrKI0zZxKRrBrBzoBLMQ==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "JSaaaompsbKsRPOGmqWlSg==": { "id": "JSaaaompsbKsRPOGmqWlSg==", "updater": "rhel-vex", "name": "CVE-2025-49795", "description": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.", "issued": "2025-06-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-49795 https://bugzilla.redhat.com/show_bug.cgi?id=2372379 https://www.cve.org/CVERecord?id=CVE-2025-49795 https://nvd.nist.gov/vuln/detail/CVE-2025-49795 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-49795.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "JULVy5wy3sW0IxhRCyvLzw==": { "id": "JULVy5wy3sW0IxhRCyvLzw==", "updater": "rhel-vex", "name": "CVE-2022-4450", "description": "A double-free vulnerability was found in OpenSSL's PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.", "issued": "2023-02-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4450 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://www.cve.org/CVERecord?id=CVE-2022-4450 https://nvd.nist.gov/vuln/detail/CVE-2022-4450 https://www.openssl.org/news/secadv/20230207.txt https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4450.json https://access.redhat.com/errata/RHSA-2023:1405", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-9.el8_7", "arch_op": "pattern match" }, "K/SChMPcKirzzgJ/2H3Snw==": { "id": "K/SChMPcKirzzgJ/2H3Snw==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in ibiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "K6uaVwUZHszfGhRWXdtyLw==": { "id": "K6uaVwUZHszfGhRWXdtyLw==", "updater": "rhel-vex", "name": "CVE-2024-47175", "description": "A security issue was found in OpenPrinting CUPS.\n\nThe function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description (PPD) file based on attributes retrieved from an Internet Printing Protocol (IPP) response. Essentially, it takes printer information, usually obtained via IPP, and creates a corresponding PPD file that describes the printer's capabilities (such as supported media sizes, resolutions, color modes, etc.).\n\nPPD files are used by printing systems like CUPS (Common Unix Printing System) to communicate with and configure printers. They provide a standardized format that allows different printers to work with the printing system in a consistent way.\n\nThe ppdCreatePPDFromIPP2 function in libppd doesn't properly check or clean IPP attributes before writing them to a temporary PPD file. This means that a remote attacker, who has control of or has hijacked an exposed printer (through UPD or mDNS), could send a harmful IPP attribute and potentially insert malicious commands into the PPD file.", "issued": "2024-09-26T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-47175 https://bugzilla.redhat.com/show_bug.cgi?id=2314256 https://access.redhat.com/security/vulnerabilities/RHSB-2024-002 https://www.cve.org/CVERecord?id=CVE-2024-47175 https://nvd.nist.gov/vuln/detail/CVE-2024-47175 https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6 https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47175.json https://access.redhat.com/errata/RHSA-2025:0083", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-62.el8_10", "arch_op": "pattern match" }, "K9iroZkqL0rOnZwxxgg88A==": { "id": "K9iroZkqL0rOnZwxxgg88A==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "KGXy4/PIqmqxgmdGe+CSOw==": { "id": "KGXy4/PIqmqxgmdGe+CSOw==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KY9BKlq4Gj8NzFJAjVvZ0Q==": { "id": "KY9BKlq4Gj8NzFJAjVvZ0Q==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "KaROgE0QmtiOixMG9Wi1RA==": { "id": "KaROgE0QmtiOixMG9Wi1RA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Kgb0OXb48Qy0VFaP/ozc+A==": { "id": "Kgb0OXb48Qy0VFaP/ozc+A==", "updater": "rhel-vex", "name": "CVE-2023-6004", "description": "A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6004 https://bugzilla.redhat.com/show_bug.cgi?id=2251110 https://www.cve.org/CVERecord?id=CVE-2023-6004 https://nvd.nist.gov/vuln/detail/CVE-2023-6004 https://www.libssh.org/security/advisories/CVE-2023-6004.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6004.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "Ki7oqSsO2d+3IU4Kt9Ij9Q==": { "id": "Ki7oqSsO2d+3IU4Kt9Ij9Q==", "updater": "rhel-vex", "name": "CVE-2024-20921", "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20921 https://bugzilla.redhat.com/show_bug.cgi?id=2257859 https://www.cve.org/CVERecord?id=CVE-2024-20921 https://nvd.nist.gov/vuln/detail/CVE-2024-20921 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20921.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "KmDekh9bjUEz74sD3+JWxw==": { "id": "KmDekh9bjUEz74sD3+JWxw==", "updater": "rhel-vex", "name": "CVE-2022-21540", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "issued": "2022-07-19T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21540 https://bugzilla.redhat.com/show_bug.cgi?id=2108540 https://www.cve.org/CVERecord?id=CVE-2022-21540 https://nvd.nist.gov/vuln/detail/CVE-2022-21540 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21540.json https://access.redhat.com/errata/RHSA-2022:5726", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.4.0.8-2.el8_6", "arch_op": "pattern match" }, "KrdA+ZSJ60jp3zLcReaBRQ==": { "id": "KrdA+ZSJ60jp3zLcReaBRQ==", "updater": "rhel-vex", "name": "CVE-2023-6004", "description": "A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6004 https://bugzilla.redhat.com/show_bug.cgi?id=2251110 https://www.cve.org/CVERecord?id=CVE-2023-6004 https://nvd.nist.gov/vuln/detail/CVE-2023-6004 https://www.libssh.org/security/advisories/CVE-2023-6004.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6004.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "Ktk5hZEExnBrqnvP5TBq8A==": { "id": "Ktk5hZEExnBrqnvP5TBq8A==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "L7QbkTbsy8v3tMfOqNsVKQ==": { "id": "L7QbkTbsy8v3tMfOqNsVKQ==", "updater": "rhel-vex", "name": "CVE-2024-7531", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\n\nCalling PK11_Encrypt() in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on Intel Sandy Bridge and later processors. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change.", "issued": "2024-08-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7531 https://bugzilla.redhat.com/show_bug.cgi?id=2303148 https://www.cve.org/CVERecord?id=CVE-2024-7531 https://nvd.nist.gov/vuln/detail/CVE-2024-7531 https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7531.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "nss", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LSK/jpdA0my/0ITmRM7LRw==": { "id": "LSK/jpdA0my/0ITmRM7LRw==", "updater": "rhel-vex", "name": "CVE-2024-9287", "description": "A vulnerability has been found in the Python `venv` module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts, for example, \"source venv/bin/activate\". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated.", "issued": "2024-10-22T16:34:39Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9287 https://bugzilla.redhat.com/show_bug.cgi?id=2321440 https://www.cve.org/CVERecord?id=CVE-2024-9287 https://nvd.nist.gov/vuln/detail/CVE-2024-9287 https://github.com/python/cpython/issues/124651 https://github.com/python/cpython/pull/124712 https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9287.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "Lr7APYpoHx1Gcopp0lkBGQ==": { "id": "Lr7APYpoHx1Gcopp0lkBGQ==", "updater": "rhel-vex", "name": "CVE-2019-14250", "description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", "issued": "2019-08-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-14250 https://bugzilla.redhat.com/show_bug.cgi?id=1739490 https://www.cve.org/CVERecord?id=CVE-2019-14250 https://nvd.nist.gov/vuln/detail/CVE-2019-14250 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-14250.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LvY+0b8eLd3sz+9w+e48OA==": { "id": "LvY+0b8eLd3sz+9w+e48OA==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "M6D+VTRNXixbmL/0yy1a9w==": { "id": "M6D+VTRNXixbmL/0yy1a9w==", "updater": "rhel-vex", "name": "CVE-2023-5388", "description": "It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens before any padding operations, it affects all padding modes: PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operation are affected.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5388 https://bugzilla.redhat.com/show_bug.cgi?id=2243644 https://www.cve.org/CVERecord?id=CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5388.json https://access.redhat.com/errata/RHSA-2024:0105", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-sysinit", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-4.el8_9", "arch_op": "pattern match" }, "MBtl9rP7D2DY8aZOJ0U4Qw==": { "id": "MBtl9rP7D2DY8aZOJ0U4Qw==", "updater": "rhel-vex", "name": "CVE-2025-32414", "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access via incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw, due to a mismatch between bytes and characters.", "issued": "2025-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-32414 https://bugzilla.redhat.com/show_bug.cgi?id=2358121 https://www.cve.org/CVERecord?id=CVE-2025-32414 https://nvd.nist.gov/vuln/detail/CVE-2025-32414 https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-32414.json https://access.redhat.com/errata/RHSA-2025:8958", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-20.el8_10", "arch_op": "pattern match" }, "MFPnXhqi7R/vWR8Pbt8PiA==": { "id": "MFPnXhqi7R/vWR8Pbt8PiA==", "updater": "rhel-vex", "name": "CVE-2023-40217", "description": "Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible.", "issued": "2023-08-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-40217 https://bugzilla.redhat.com/show_bug.cgi?id=2235789 https://www.cve.org/CVERecord?id=CVE-2023-40217 https://nvd.nist.gov/vuln/detail/CVE-2023-40217 https://github.com/python/cpython/issues/108310 https://github.com/python/cpython/pull/108315 https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-40217.json https://access.redhat.com/errata/RHSA-2023:5997", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.2", "arch_op": "pattern match" }, "MRnBR1NwPejsF0F/Po53Ew==": { "id": "MRnBR1NwPejsF0F/Po53Ew==", "updater": "rhel-vex", "name": "CVE-2019-8905", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.", "issued": "2019-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8905 https://bugzilla.redhat.com/show_bug.cgi?id=1679181 https://www.cve.org/CVERecord?id=CVE-2019-8905 https://nvd.nist.gov/vuln/detail/CVE-2019-8905 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8905.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MbIP6skTvSICAjVnxuqoIg==": { "id": "MbIP6skTvSICAjVnxuqoIg==", "updater": "rhel-vex", "name": "CVE-2021-3468", "description": "A flaw was found in avahi. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "issued": "2021-03-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3468 https://bugzilla.redhat.com/show_bug.cgi?id=1939614 https://www.cve.org/CVERecord?id=CVE-2021-3468 https://nvd.nist.gov/vuln/detail/CVE-2021-3468 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3468.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "Mc7zHgg4D2CxQferqT0txw==": { "id": "Mc7zHgg4D2CxQferqT0txw==", "updater": "rhel-vex", "name": "CVE-2022-21624", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21624 https://bugzilla.redhat.com/show_bug.cgi?id=2133765 https://www.cve.org/CVERecord?id=CVE-2022-21624 https://nvd.nist.gov/vuln/detail/CVE-2022-21624 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21624.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "McSXqVuR6tGJf6vkcFREXg==": { "id": "McSXqVuR6tGJf6vkcFREXg==", "updater": "rhel-vex", "name": "CVE-2022-47629", "description": "A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", "issued": "2022-10-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-47629 https://bugzilla.redhat.com/show_bug.cgi?id=2161571 https://www.cve.org/CVERecord?id=CVE-2022-47629 https://nvd.nist.gov/vuln/detail/CVE-2022-47629 https://gnupg.org/blog/20221017-pepe-left-the-ksba.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-47629.json https://access.redhat.com/errata/RHSA-2023:0625", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libksba", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.3.5-9.el8_7", "arch_op": "pattern match" }, "Mz0ngyR6Id7iin7uAxNAYw==": { "id": "Mz0ngyR6Id7iin7uAxNAYw==", "updater": "rhel-vex", "name": "CVE-2024-11168", "description": "A flaw was found in Python. The `urllib.parse.urlsplit()` and `urlparse()` functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery (SSRF) if a URL is processed by more than one URL parser.", "issued": "2024-11-12T21:22:23Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11168 https://bugzilla.redhat.com/show_bug.cgi?id=2325776 https://www.cve.org/CVERecord?id=CVE-2024-11168 https://nvd.nist.gov/vuln/detail/CVE-2024-11168 https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5 https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550 https://github.com/python/cpython/issues/103848 https://github.com/python/cpython/pull/103849 https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11168.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "NJcot/jXTfghKCED4k3bTw==": { "id": "NJcot/jXTfghKCED4k3bTw==", "updater": "rhel-vex", "name": "CVE-2023-24329", "description": "A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.", "issued": "2023-02-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-24329 https://bugzilla.redhat.com/show_bug.cgi?id=2173917 https://www.cve.org/CVERecord?id=CVE-2023-24329 https://nvd.nist.gov/vuln/detail/CVE-2023-24329 https://pointernull.com/security/python-url-parse-problem.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-24329.json https://access.redhat.com/errata/RHSA-2023:3591", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.1", "arch_op": "pattern match" }, "NP+ftgAXKAxtqkDd2/nZ5Q==": { "id": "NP+ftgAXKAxtqkDd2/nZ5Q==", "updater": "rhel-vex", "name": "CVE-2022-45061", "description": "A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname.", "issued": "2022-11-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-45061 https://bugzilla.redhat.com/show_bug.cgi?id=2144072 https://www.cve.org/CVERecord?id=CVE-2022-45061 https://nvd.nist.gov/vuln/detail/CVE-2022-45061 https://github.com/python/cpython/issues/98433 https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-45061.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "Ng5iiCGmoHR+swxooAJCqw==": { "id": "Ng5iiCGmoHR+swxooAJCqw==", "updater": "rhel-vex", "name": "CVE-2022-22576", "description": "A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious actor.", "issued": "2022-04-27T06:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-22576 https://bugzilla.redhat.com/show_bug.cgi?id=2077541 https://www.cve.org/CVERecord?id=CVE-2022-22576 https://nvd.nist.gov/vuln/detail/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-22576.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "NiJEOu5Kjh3lsQlrV/cvxw==": { "id": "NiJEOu5Kjh3lsQlrV/cvxw==", "updater": "rhel-vex", "name": "CVE-2024-0450", "description": "A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0450 https://bugzilla.redhat.com/show_bug.cgi?id=2276525 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://nvd.nist.gov/vuln/detail/CVE-2024-0450 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0450.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "O0MX0fzniEDC/IINFuoyRw==": { "id": "O0MX0fzniEDC/IINFuoyRw==", "updater": "rhel-vex", "name": "CVE-2022-3821", "description": "An off-by-one error flaw was found in systemd in the format_timespan() function of time-util.c. This flaw allows an attacker to supply specific values for time and accuracy, leading to a buffer overrun in format_timespan(), leading to a denial of service.", "issued": "2022-07-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3821 https://bugzilla.redhat.com/show_bug.cgi?id=2139327 https://www.cve.org/CVERecord?id=CVE-2022-3821 https://nvd.nist.gov/vuln/detail/CVE-2022-3821 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3821.json https://access.redhat.com/errata/RHSA-2023:0100", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:239-68.el8_7.1", "arch_op": "pattern match" }, "O6eQrDqYe8zCvECWFMIzFQ==": { "id": "O6eQrDqYe8zCvECWFMIzFQ==", "updater": "rhel-vex", "name": "CVE-2019-8906", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.", "issued": "2019-01-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8906 https://bugzilla.redhat.com/show_bug.cgi?id=1679175 https://www.cve.org/CVERecord?id=CVE-2019-8906 https://nvd.nist.gov/vuln/detail/CVE-2019-8906 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8906.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OPy7Fiduw9KEpo8dGN9jJg==": { "id": "OPy7Fiduw9KEpo8dGN9jJg==", "updater": "rhel-vex", "name": "CVE-2023-6597", "description": "A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6597 https://bugzilla.redhat.com/show_bug.cgi?id=2276518 https://www.cve.org/CVERecord?id=CVE-2023-6597 https://nvd.nist.gov/vuln/detail/CVE-2023-6597 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6597.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "ORwe+kzFJjOOvg2V1zLttQ==": { "id": "ORwe+kzFJjOOvg2V1zLttQ==", "updater": "rhel-vex", "name": "CVE-2024-6232", "description": "A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.", "issued": "2024-09-03T13:15:05Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6232 https://bugzilla.redhat.com/show_bug.cgi?id=2309426 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://nvd.nist.gov/vuln/detail/CVE-2024-6232 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6232.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "OWjo5jp0o/r2whDDnWp0vw==": { "id": "OWjo5jp0o/r2whDDnWp0vw==", "updater": "rhel-vex", "name": "CVE-2019-7317", "description": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.", "issued": "2019-01-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-7317 https://bugzilla.redhat.com/show_bug.cgi?id=1672409 https://www.cve.org/CVERecord?id=CVE-2019-7317 https://nvd.nist.gov/vuln/detail/CVE-2019-7317 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-7317.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libpng", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OeTADeRVaMhDk1Akna9xlA==": { "id": "OeTADeRVaMhDk1Akna9xlA==", "updater": "rhel-vex", "name": "CVE-2023-29469", "description": "A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29469 https://bugzilla.redhat.com/show_bug.cgi?id=2185984 https://www.cve.org/CVERecord?id=CVE-2023-29469 https://nvd.nist.gov/vuln/detail/CVE-2023-29469 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29469.json https://access.redhat.com/errata/RHSA-2023:4529", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-16.el8_8.1", "arch_op": "pattern match" }, "OhcCd0zeiQKtFtNGp31MYQ==": { "id": "OhcCd0zeiQKtFtNGp31MYQ==", "updater": "rhel-vex", "name": "CVE-2023-22036", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22036 https://bugzilla.redhat.com/show_bug.cgi?id=2221634 https://www.cve.org/CVERecord?id=CVE-2023-22036 https://nvd.nist.gov/vuln/detail/CVE-2023-22036 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22036.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "OkBQv6P8l9HZFxt6Kd+WNA==": { "id": "OkBQv6P8l9HZFxt6Kd+WNA==", "updater": "rhel-vex", "name": "CVE-2025-30698", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).", "issued": "2025-04-15T21:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30698 https://bugzilla.redhat.com/show_bug.cgi?id=2359693 https://www.cve.org/CVERecord?id=CVE-2025-30698 https://nvd.nist.gov/vuln/detail/CVE-2025-30698 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30698.json https://access.redhat.com/errata/RHSA-2025:3852", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.15.0.6-2.el8", "arch_op": "pattern match" }, "OpCld6iRicihruOWfDVl/A==": { "id": "OpCld6iRicihruOWfDVl/A==", "updater": "rhel-vex", "name": "CVE-2025-24928", "description": "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-24928 https://bugzilla.redhat.com/show_bug.cgi?id=2346421 https://www.cve.org/CVERecord?id=CVE-2025-24928 https://nvd.nist.gov/vuln/detail/CVE-2025-24928 https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://issues.oss-fuzz.com/issues/392687022 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-24928.json https://access.redhat.com/errata/RHSA-2025:2686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-19.el8_10", "arch_op": "pattern match" }, "Os1DfO8E456l/6+3keFvqA==": { "id": "Os1DfO8E456l/6+3keFvqA==", "updater": "rhel-vex", "name": "CVE-2023-26604", "description": "A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some Sudo configurations, for example, plausible sudoers files, in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This issue presents a substantial security risk when running systemctl from Sudo because less executes as root when the terminal size is too small to show the complete systemctl output.", "issued": "2023-03-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-26604 https://bugzilla.redhat.com/show_bug.cgi?id=2175611 https://www.cve.org/CVERecord?id=CVE-2023-26604 https://nvd.nist.gov/vuln/detail/CVE-2023-26604 https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/ https://github.com/systemd/systemd/issues/5666 https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-26604.json https://access.redhat.com/errata/RHSA-2023:3837", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:239-74.el8_8.2", "arch_op": "pattern match" }, "Ovba/OJi1hooRYrIRm6vew==": { "id": "Ovba/OJi1hooRYrIRm6vew==", "updater": "rhel-vex", "name": "CVE-2021-35938", "description": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35938 https://bugzilla.redhat.com/show_bug.cgi?id=1964114 https://www.cve.org/CVERecord?id=CVE-2021-35938 https://nvd.nist.gov/vuln/detail/CVE-2021-35938 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35938.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "OzJkO78MmDzePTWx0sg2IA==": { "id": "OzJkO78MmDzePTWx0sg2IA==", "updater": "rhel-vex", "name": "CVE-2023-48795", "description": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48795 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://www.cve.org/CVERecord?id=CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://access.redhat.com/solutions/7071748 https://terrapin-attack.com/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48795.json https://access.redhat.com/errata/RHSA-2024:0628", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-13.el8_9", "arch_op": "pattern match" }, "Ozdwc6yAzERyoKF4+dYT/w==": { "id": "Ozdwc6yAzERyoKF4+dYT/w==", "updater": "rhel-vex", "name": "CVE-2023-21954", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21954 https://bugzilla.redhat.com/show_bug.cgi?id=2187441 https://www.cve.org/CVERecord?id=CVE-2023-21954 https://nvd.nist.gov/vuln/detail/CVE-2023-21954 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21954.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "P/yYfuu6LspAl/8KG0/T1A==": { "id": "P/yYfuu6LspAl/8KG0/T1A==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" }, "P3bwFhcjgNE4VGXZoiVmRA==": { "id": "P3bwFhcjgNE4VGXZoiVmRA==", "updater": "rhel-vex", "name": "CVE-2024-25062", "description": "A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "issued": "2024-02-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25062 https://bugzilla.redhat.com/show_bug.cgi?id=2262726 https://www.cve.org/CVERecord?id=CVE-2024-25062 https://nvd.nist.gov/vuln/detail/CVE-2024-25062 https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 https://gitlab.gnome.org/GNOME/libxml2/-/tags https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25062.json https://access.redhat.com/errata/RHSA-2024:3626", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_10.1", "arch_op": "pattern match" }, "P9K/j8TJJcZmCd+6z/HUnQ==": { "id": "P9K/j8TJJcZmCd+6z/HUnQ==", "updater": "rhel-vex", "name": "CVE-2025-3576", "description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "issued": "2025-04-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://www.cve.org/CVERecord?id=CVE-2025-3576 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3576.json https://access.redhat.com/errata/RHSA-2025:8411", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-32.el8_10", "arch_op": "pattern match" }, "PGr9ZlGaUfSfWBK3qA3UAg==": { "id": "PGr9ZlGaUfSfWBK3qA3UAg==", "updater": "rhel-vex", "name": "CVE-2021-35937", "description": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35937 https://bugzilla.redhat.com/show_bug.cgi?id=1964125 https://www.cve.org/CVERecord?id=CVE-2021-35937 https://nvd.nist.gov/vuln/detail/CVE-2021-35937 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35937.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "PIAhpDt1N9HfzNKvp6fi/w==": { "id": "PIAhpDt1N9HfzNKvp6fi/w==", "updater": "rhel-vex", "name": "CVE-2024-2398", "description": "A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.", "issued": "2024-03-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2398 https://bugzilla.redhat.com/show_bug.cgi?id=2270498 https://www.cve.org/CVERecord?id=CVE-2024-2398 https://nvd.nist.gov/vuln/detail/CVE-2024-2398 https://curl.se/docs/CVE-2024-2398.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2398.json https://access.redhat.com/errata/RHSA-2024:5654", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-34.el8_10.2", "arch_op": "pattern match" }, "PIMpTa5HiWLhah5sbziU7w==": { "id": "PIMpTa5HiWLhah5sbziU7w==", "updater": "rhel-vex", "name": "CVE-2023-4641", "description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "issued": "2023-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4641 https://bugzilla.redhat.com/show_bug.cgi?id=2215945 https://www.cve.org/CVERecord?id=CVE-2023-4641 https://nvd.nist.gov/vuln/detail/CVE-2023-4641 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4641.json https://access.redhat.com/errata/RHSA-2023:7112", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "2:4.6-19.el8", "arch_op": "pattern match" }, "POFuUisVoRmRJc/rUQ6M1w==": { "id": "POFuUisVoRmRJc/rUQ6M1w==", "updater": "rhel-vex", "name": "CVE-2022-43552", "description": "A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.", "issued": "2022-12-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-43552 https://bugzilla.redhat.com/show_bug.cgi?id=2152652 https://www.cve.org/CVERecord?id=CVE-2022-43552 https://nvd.nist.gov/vuln/detail/CVE-2022-43552 https://curl.se/docs/CVE-2022-43552.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-43552.json https://access.redhat.com/errata/RHSA-2023:2963", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8", "arch_op": "pattern match" }, "POH6436D/7P69Z7CXk+4qw==": { "id": "POH6436D/7P69Z7CXk+4qw==", "updater": "rhel-vex", "name": "CVE-2022-0529", "description": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash.", "issued": "2022-01-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0529 https://bugzilla.redhat.com/show_bug.cgi?id=2051402 https://www.cve.org/CVERecord?id=CVE-2022-0529 https://nvd.nist.gov/vuln/detail/CVE-2022-0529 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0529.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "unzip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PTH7algJJJWUW4L+g1tpBQ==": { "id": "PTH7algJJJWUW4L+g1tpBQ==", "updater": "rhel-vex", "name": "CVE-2023-28321", "description": "A flaw was found in the Curl package. An incorrect International Domain Name (IDN) wildcard match may lead to improper certificate validation.", "issued": "2023-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28321 https://bugzilla.redhat.com/show_bug.cgi?id=2196786 https://www.cve.org/CVERecord?id=CVE-2023-28321 https://nvd.nist.gov/vuln/detail/CVE-2023-28321 https://curl.se/docs/CVE-2023-28321.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28321.json https://access.redhat.com/errata/RHSA-2023:4523", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.3", "arch_op": "pattern match" }, "PWIiCvSZS6iRuLgswRF8CQ==": { "id": "PWIiCvSZS6iRuLgswRF8CQ==", "updater": "rhel-vex", "name": "CVE-2024-4032", "description": "A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4032 https://bugzilla.redhat.com/show_bug.cgi?id=2292921 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://nvd.nist.gov/vuln/detail/CVE-2024-4032 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4032.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "PbWuhLHE6IKdaBWnoaZt3w==": { "id": "PbWuhLHE6IKdaBWnoaZt3w==", "updater": "rhel-vex", "name": "CVE-2024-26461", "description": "A memory leak flaw was found in krb5 in /krb5/src/lib/gssapi/krb5/k5sealv3.c. This issue can lead to a denial of service through memory exhaustion.", "issued": "2024-02-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://www.cve.org/CVERecord?id=CVE-2024-26461 https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-26461.json https://access.redhat.com/errata/RHSA-2024:3268", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-27.el8_10", "arch_op": "pattern match" }, "PcNbuWOo0ahqjfbOQhXvvQ==": { "id": "PcNbuWOo0ahqjfbOQhXvvQ==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PjCYGvBMu8wy3qqxRUwngA==": { "id": "PjCYGvBMu8wy3qqxRUwngA==", "updater": "rhel-vex", "name": "CVE-2020-11023", "description": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "issued": "2020-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-11023 https://bugzilla.redhat.com/show_bug.cgi?id=1850004 https://www.cve.org/CVERecord?id=CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-11023.json https://access.redhat.com/errata/RHSA-2025:1301", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libstdc++", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:8.5.0-23.el8_10", "arch_op": "pattern match" }, "Pjzsw6+ClTH3tDntlo5n9g==": { "id": "Pjzsw6+ClTH3tDntlo5n9g==", "updater": "rhel-vex", "name": "CVE-2022-22576", "description": "A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious actor.", "issued": "2022-04-27T06:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-22576 https://bugzilla.redhat.com/show_bug.cgi?id=2077541 https://www.cve.org/CVERecord?id=CVE-2022-22576 https://nvd.nist.gov/vuln/detail/CVE-2022-22576 https://curl.se/docs/CVE-2022-22576.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-22576.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "Q/ySAojdxPRpKKA3fdxcjw==": { "id": "Q/ySAojdxPRpKKA3fdxcjw==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "Q3YvGJDHhCOVdPl8wlbQiQ==": { "id": "Q3YvGJDHhCOVdPl8wlbQiQ==", "updater": "rhel-vex", "name": "CVE-2024-6602", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6602 https://bugzilla.redhat.com/show_bug.cgi?id=2296637 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://nvd.nist.gov/vuln/detail/CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6602.json https://access.redhat.com/errata/RHBA-2024:6680", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn-freebl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.101.0-7.el8_8", "arch_op": "pattern match" }, "Q56kx76uLWIhLRNIyon0jg==": { "id": "Q56kx76uLWIhLRNIyon0jg==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q6ubSHX2vqKa7M5A8vw/1g==": { "id": "Q6ubSHX2vqKa7M5A8vw/1g==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "QI6uWM4Qbaobf2jl8ezerw==": { "id": "QI6uWM4Qbaobf2jl8ezerw==", "updater": "rhel-vex", "name": "CVE-2023-27043", "description": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.", "issued": "2023-04-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27043 https://bugzilla.redhat.com/show_bug.cgi?id=2196183 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://nvd.nist.gov/vuln/detail/CVE-2023-27043 https://access.redhat.com/articles/7051467 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27043.json https://access.redhat.com/errata/RHSA-2024:0256", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.3", "arch_op": "pattern match" }, "QUke6jnbLM13V2/ms9s8pw==": { "id": "QUke6jnbLM13V2/ms9s8pw==", "updater": "rhel-vex", "name": "CVE-2015-20107", "description": "A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input.", "issued": "2015-08-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2015-20107 https://bugzilla.redhat.com/show_bug.cgi?id=2075390 https://www.cve.org/CVERecord?id=CVE-2015-20107 https://nvd.nist.gov/vuln/detail/CVE-2015-20107 https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html https://security.access.redhat.com/data/csaf/v2/vex/2015/cve-2015-20107.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "QUtTYJuHdkAOgtveagWUfA==": { "id": "QUtTYJuHdkAOgtveagWUfA==", "updater": "rhel-vex", "name": "CVE-2023-0466", "description": "A flaw was found in OpenSSL. The X509_VERIFY_PARAM_add0_policy() function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass the certificate verification. Suddenly enabling the policy check could break existing deployments, so it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. The applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0466 https://bugzilla.redhat.com/show_bug.cgi?id=2182565 https://www.cve.org/CVERecord?id=CVE-2023-0466 https://nvd.nist.gov/vuln/detail/CVE-2023-0466 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0466.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QcOTYeOedG0AUhPSakMpIA==": { "id": "QcOTYeOedG0AUhPSakMpIA==", "updater": "rhel-vex", "name": "CVE-2024-4741", "description": "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", "issued": "2024-05-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4741 https://bugzilla.redhat.com/show_bug.cgi?id=2283757 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4741.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QwCNWThma/kKdhYxvbKjGQ==": { "id": "QwCNWThma/kKdhYxvbKjGQ==", "updater": "rhel-vex", "name": "CVE-2023-34969", "description": "An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection (dbus-monitor, busctl monitor, gdbus monitor, or similar) is active, and a message from the bus driver cannot be delivered to a client connection due to \u003cdeny\u003e rules or outgoing message quota. If a privileged user with control over the dbus-daemon is monitoring the message bus traffic using the Monitoring clients like the dbus-monitor or busctl monitor interfaces, then an unprivileged local user with the ability to connect to the same dbus-daemon could send specially crafted request, causing a dbus-daemon to crash, resulting in a denial of service under some circumstances.", "issued": "2023-06-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-34969 https://bugzilla.redhat.com/show_bug.cgi?id=2213166 https://www.cve.org/CVERecord?id=CVE-2023-34969 https://nvd.nist.gov/vuln/detail/CVE-2023-34969 https://gitlab.freedesktop.org/dbus/dbus/-/issues/457 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-34969.json https://access.redhat.com/errata/RHSA-2023:4498", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-24.el8_8.1", "arch_op": "pattern match" }, "QyxTp/hIOE/OAuSyRpqXeQ==": { "id": "QyxTp/hIOE/OAuSyRpqXeQ==", "updater": "rhel-vex", "name": "CVE-2022-39399", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-39399 https://bugzilla.redhat.com/show_bug.cgi?id=2133776 https://www.cve.org/CVERecord?id=CVE-2022-39399 https://nvd.nist.gov/vuln/detail/CVE-2022-39399 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-39399.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "R+cOeg14k7ddoOulV2YJPw==": { "id": "R+cOeg14k7ddoOulV2YJPw==", "updater": "rhel-vex", "name": "CVE-2022-40304", "description": "A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free.", "issued": "2022-10-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40304 https://bugzilla.redhat.com/show_bug.cgi?id=2136288 https://www.cve.org/CVERecord?id=CVE-2022-40304 https://nvd.nist.gov/vuln/detail/CVE-2022-40304 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40304.json https://access.redhat.com/errata/RHSA-2023:0173", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8_7.1", "arch_op": "pattern match" }, "RRAwCyx+5LRa0hJdjcXk3Q==": { "id": "RRAwCyx+5LRa0hJdjcXk3Q==", "updater": "rhel-vex", "name": "CVE-2022-27782", "description": "A vulnerability was found in curl. This issue occurs because curl can reuse a previously created connection even when a TLS or SSH-related option is changed that should have prohibited reuse. This flaw leads to an authentication bypass, either by mistake or by a malicious actor.", "issued": "2022-05-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27782 https://bugzilla.redhat.com/show_bug.cgi?id=2082215 https://www.cve.org/CVERecord?id=CVE-2022-27782 https://nvd.nist.gov/vuln/detail/CVE-2022-27782 https://curl.se/docs/CVE-2022-27782.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27782.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "RVCidRUm4D1IKoPhoUi2AA==": { "id": "RVCidRUm4D1IKoPhoUi2AA==", "updater": "rhel-vex", "name": "CVE-2019-9674", "description": "A ZIP bomb attack was found in the Python zipfile module. A remote attacker could abuse this flaw by providing a specially crafted ZIP file that, when decompressed by zipfile, would exhaust system resources resulting in a denial of service.", "issued": "2019-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9674 https://bugzilla.redhat.com/show_bug.cgi?id=1800749 https://www.cve.org/CVERecord?id=CVE-2019-9674 https://nvd.nist.gov/vuln/detail/CVE-2019-9674 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9674.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RXbXUJmL/Bm70R9lVz2Aqw==": { "id": "RXbXUJmL/Bm70R9lVz2Aqw==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "Rl8J9fWIWNsl1xi+9L/boQ==": { "id": "Rl8J9fWIWNsl1xi+9L/boQ==", "updater": "rhel-vex", "name": "CVE-2021-3468", "description": "A flaw was found in avahi. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.", "issued": "2021-03-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3468 https://bugzilla.redhat.com/show_bug.cgi?id=1939614 https://www.cve.org/CVERecord?id=CVE-2021-3468 https://nvd.nist.gov/vuln/detail/CVE-2021-3468 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3468.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "RqGQEUART3PNe9eSTBq14Q==": { "id": "RqGQEUART3PNe9eSTBq14Q==", "updater": "rhel-vex", "name": "CVE-2023-21938", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21938 https://bugzilla.redhat.com/show_bug.cgi?id=2187758 https://www.cve.org/CVERecord?id=CVE-2023-21938 https://nvd.nist.gov/vuln/detail/CVE-2023-21938 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21938.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "RtlTQJtBm04IDRUV95z65A==": { "id": "RtlTQJtBm04IDRUV95z65A==", "updater": "rhel-vex", "name": "CVE-2022-21618", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21618 https://bugzilla.redhat.com/show_bug.cgi?id=2133817 https://www.cve.org/CVERecord?id=CVE-2022-21618 https://nvd.nist.gov/vuln/detail/CVE-2022-21618 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21618.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "S7qx7a03HASsJhyQafvXjg==": { "id": "S7qx7a03HASsJhyQafvXjg==", "updater": "rhel-vex", "name": "CVE-2018-19211", "description": "In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a \"dubious character `*' in name or alias field\" detection.", "issued": "2018-10-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-19211 https://bugzilla.redhat.com/show_bug.cgi?id=1652600 https://www.cve.org/CVERecord?id=CVE-2018-19211 https://nvd.nist.gov/vuln/detail/CVE-2018-19211 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-19211.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S8oZoEhPJlWCS9nYpiuEUA==": { "id": "S8oZoEhPJlWCS9nYpiuEUA==", "updater": "rhel-vex", "name": "CVE-2022-27405", "description": "A segmentation fault was found in the FreeType library. This flaw allows an attacker to attempt access to a memory location in a way that could cause an application to halt or crash, leading to a denial of service.", "issued": "2022-04-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27405 https://bugzilla.redhat.com/show_bug.cgi?id=2077991 https://www.cve.org/CVERecord?id=CVE-2022-27405 https://nvd.nist.gov/vuln/detail/CVE-2022-27405 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27405.json https://access.redhat.com/errata/RHSA-2022:7745", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "freetype", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.1-9.el8", "arch_op": "pattern match" }, "SGu58h9I4IKw+IX4J/uwTg==": { "id": "SGu58h9I4IKw+IX4J/uwTg==", "updater": "rhel-vex", "name": "CVE-2020-10735", "description": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", "issued": "2022-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-10735 https://bugzilla.redhat.com/show_bug.cgi?id=1834423 https://www.cve.org/CVERecord?id=CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-10735.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "SXl2Y2LOY3/aFmsbDvIpow==": { "id": "SXl2Y2LOY3/aFmsbDvIpow==", "updater": "rhel-vex", "name": "CVE-2024-6345", "description": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.", "issued": "2024-07-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6345 https://bugzilla.redhat.com/show_bug.cgi?id=2297771 https://www.cve.org/CVERecord?id=CVE-2024-6345 https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6345.json https://access.redhat.com/errata/RHSA-2024:5530", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "platform-python-setuptools", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:39.2.0-8.el8_10", "arch_op": "pattern match" }, "SuqeYfq0DU93PPLhMlcfdA==": { "id": "SuqeYfq0DU93PPLhMlcfdA==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "SwDBo0PcPcpx9Kg8cJhiMg==": { "id": "SwDBo0PcPcpx9Kg8cJhiMg==", "updater": "rhel-vex", "name": "CVE-2024-35235", "description": "A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this issue can result in the change of permission of any user or system files to be world writable.", "issued": "2024-06-11T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-35235 https://bugzilla.redhat.com/show_bug.cgi?id=2290318 https://www.cve.org/CVERecord?id=CVE-2024-35235 https://nvd.nist.gov/vuln/detail/CVE-2024-35235 https://seclists.org/oss-sec/2024/q2/277 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-35235.json https://access.redhat.com/errata/RHSA-2024:4265", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-60.el8_10", "arch_op": "pattern match" }, "T2QS67+g6RntDqSjp2teiw==": { "id": "T2QS67+g6RntDqSjp2teiw==", "updater": "rhel-vex", "name": "CVE-2023-6135", "description": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.", "issued": "2023-12-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6135 https://bugzilla.redhat.com/show_bug.cgi?id=2249906 https://www.cve.org/CVERecord?id=CVE-2023-6135 https://nvd.nist.gov/vuln/detail/CVE-2023-6135 https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6135.json https://access.redhat.com/errata/RHSA-2024:0786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-sysinit", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-6.el8_9", "arch_op": "pattern match" }, "TDGtAfBIT1unQk7mFjNXQQ==": { "id": "TDGtAfBIT1unQk7mFjNXQQ==", "updater": "rhel-vex", "name": "CVE-2022-32891", "description": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.", "issued": "2022-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32891 https://bugzilla.redhat.com/show_bug.cgi?id=2128647 https://www.cve.org/CVERecord?id=CVE-2022-32891 https://nvd.nist.gov/vuln/detail/CVE-2022-32891 https://webkitgtk.org/security/WSA-2022-0009.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32891.json https://access.redhat.com/errata/RHSA-2022:7704", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.56.4-159.el8", "arch_op": "pattern match" }, "TLOrmSYL76Du+GI4WD9gMQ==": { "id": "TLOrmSYL76Du+GI4WD9gMQ==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Tmms/OdMfFhomdNX8yeqdg==": { "id": "Tmms/OdMfFhomdNX8yeqdg==", "updater": "rhel-vex", "name": "CVE-2022-48560", "description": "A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48560 https://bugzilla.redhat.com/show_bug.cgi?id=2249755 https://www.cve.org/CVERecord?id=CVE-2022-48560 https://nvd.nist.gov/vuln/detail/CVE-2022-48560 https://bugs.python.org/issue39421 https://github.com/python/cpython/issues/83602 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48560.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "TuyZ+9VbyFRnolLiZxTIeg==": { "id": "TuyZ+9VbyFRnolLiZxTIeg==", "updater": "rhel-vex", "name": "CVE-2023-21930", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21930 https://bugzilla.redhat.com/show_bug.cgi?id=2187435 https://www.cve.org/CVERecord?id=CVE-2023-21930 https://nvd.nist.gov/vuln/detail/CVE-2023-21930 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21930.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "TxXyqwdsm1MLIWkwCwrl4g==": { "id": "TxXyqwdsm1MLIWkwCwrl4g==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "UBjIgC7Uc/Jv2H/pnNmGgQ==": { "id": "UBjIgC7Uc/Jv2H/pnNmGgQ==", "updater": "rhel-vex", "name": "CVE-2022-42012", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42012 https://bugzilla.redhat.com/show_bug.cgi?id=2133618 https://www.cve.org/CVERecord?id=CVE-2022-42012 https://nvd.nist.gov/vuln/detail/CVE-2022-42012 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42012.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "UDs3SEk5W11f8Zr4c1P89w==": { "id": "UDs3SEk5W11f8Zr4c1P89w==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "UMD4nV1Ky5C5eKUMgtnKzw==": { "id": "UMD4nV1Ky5C5eKUMgtnKzw==", "updater": "rhel-vex", "name": "CVE-2021-20193", "description": "A flaw was found in the src/list.c of tar. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", "issued": "2021-01-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-20193 https://bugzilla.redhat.com/show_bug.cgi?id=1917565 https://www.cve.org/CVERecord?id=CVE-2021-20193 https://nvd.nist.gov/vuln/detail/CVE-2021-20193 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-20193.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UPzTyNn8ZLXlb+bwRFPPTA==": { "id": "UPzTyNn8ZLXlb+bwRFPPTA==", "updater": "rhel-vex", "name": "CVE-2023-2650", "description": "A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when processing messages, which may lead to a denial of service.", "issued": "2023-05-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/show_bug.cgi?id=2207947 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://www.openssl.org/news/secadv/20230530.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2650.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UbmdE2pHXRFccv8l1e02Jw==": { "id": "UbmdE2pHXRFccv8l1e02Jw==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UkRzJIq1dpEpe+pCeDMBWQ==": { "id": "UkRzJIq1dpEpe+pCeDMBWQ==", "updater": "rhel-vex", "name": "CVE-2020-19190", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19190 https://bugzilla.redhat.com/show_bug.cgi?id=2234923 https://www.cve.org/CVERecord?id=CVE-2020-19190 https://nvd.nist.gov/vuln/detail/CVE-2020-19190 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19190.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UrKjwk9WIe9u1Nz1CrdGxg==": { "id": "UrKjwk9WIe9u1Nz1CrdGxg==", "updater": "rhel-vex", "name": "CVE-2023-21967", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21967 https://bugzilla.redhat.com/show_bug.cgi?id=2187704 https://www.cve.org/CVERecord?id=CVE-2023-21967 https://nvd.nist.gov/vuln/detail/CVE-2023-21967 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21967.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "V3pl8W8hmQWZZasRgG5a8w==": { "id": "V3pl8W8hmQWZZasRgG5a8w==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VLmOwtIBlSQardViyo7ZpA==": { "id": "VLmOwtIBlSQardViyo7ZpA==", "updater": "rhel-vex", "name": "CVE-2024-6602", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6602 https://bugzilla.redhat.com/show_bug.cgi?id=2296637 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://nvd.nist.gov/vuln/detail/CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6602.json https://access.redhat.com/errata/RHBA-2024:6680", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.101.0-7.el8_8", "arch_op": "pattern match" }, "VPXnnF64iZiXGI8n3FF+lw==": { "id": "VPXnnF64iZiXGI8n3FF+lw==", "updater": "rhel-vex", "name": "CVE-2023-0767", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://nvd.nist.gov/vuln/detail/CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0767.json https://access.redhat.com/errata/RHSA-2023:1252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nss-sysinit", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.79.0-11.el8_7", "arch_op": "pattern match" }, "VRA9wsSKTemeKWRMUOSQ8A==": { "id": "VRA9wsSKTemeKWRMUOSQ8A==", "updater": "rhel-vex", "name": "CVE-2022-32208", "description": "A vulnerability was found in curl. This issue occurs because it mishandles message verification failures when curl does FTP transfers secured by krb5. This flaw makes it possible for a Man-in-the-middle attack to go unnoticed and allows data injection into the client.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32208 https://bugzilla.redhat.com/show_bug.cgi?id=2099306 https://www.cve.org/CVERecord?id=CVE-2022-32208 https://nvd.nist.gov/vuln/detail/CVE-2022-32208 https://curl.se/docs/CVE-2022-32208.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32208.json https://access.redhat.com/errata/RHSA-2022:6159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.4", "arch_op": "pattern match" }, "VxnhJhcJDibHkRcU/osXDw==": { "id": "VxnhJhcJDibHkRcU/osXDw==", "updater": "rhel-vex", "name": "CVE-2022-48564", "description": "A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48564 https://bugzilla.redhat.com/show_bug.cgi?id=2249750 https://www.cve.org/CVERecord?id=CVE-2022-48564 https://nvd.nist.gov/vuln/detail/CVE-2022-48564 https://bugs.python.org/issue42103 https://github.com/python/cpython/issues/86269 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48564.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "W/d4trZ7jb2yxjrq4cNOWA==": { "id": "W/d4trZ7jb2yxjrq4cNOWA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WHB3WNu2RgNXJhjw7mBJLw==": { "id": "WHB3WNu2RgNXJhjw7mBJLw==", "updater": "rhel-vex", "name": "CVE-2019-17543", "description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"", "issued": "2019-07-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-17543 https://bugzilla.redhat.com/show_bug.cgi?id=1765316 https://www.cve.org/CVERecord?id=CVE-2019-17543 https://nvd.nist.gov/vuln/detail/CVE-2019-17543 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-17543.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "lz4", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WbmUGgkmxoaGa9IhjWsUzA==": { "id": "WbmUGgkmxoaGa9IhjWsUzA==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "WiBQj7XHKIGrrTQyNBrWmg==": { "id": "WiBQj7XHKIGrrTQyNBrWmg==", "updater": "rhel-vex", "name": "CVE-2022-40303", "description": "A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation.", "issued": "2022-10-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40303 https://bugzilla.redhat.com/show_bug.cgi?id=2136266 https://www.cve.org/CVERecord?id=CVE-2022-40303 https://nvd.nist.gov/vuln/detail/CVE-2022-40303 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40303.json https://access.redhat.com/errata/RHSA-2023:0173", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8_7.1", "arch_op": "pattern match" }, "Wsu5UzNfQFqjm4dwWxgPNA==": { "id": "Wsu5UzNfQFqjm4dwWxgPNA==", "updater": "rhel-vex", "name": "CVE-2024-6232", "description": "A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.", "issued": "2024-09-03T13:15:05Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6232 https://bugzilla.redhat.com/show_bug.cgi?id=2309426 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://nvd.nist.gov/vuln/detail/CVE-2024-6232 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6232.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "WtNX+KKJMTA5E13Wj9WuMA==": { "id": "WtNX+KKJMTA5E13Wj9WuMA==", "updater": "rhel-vex", "name": "CVE-2023-6597", "description": "A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6597 https://bugzilla.redhat.com/show_bug.cgi?id=2276518 https://www.cve.org/CVERecord?id=CVE-2023-6597 https://nvd.nist.gov/vuln/detail/CVE-2023-6597 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6597.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "Wtvn0xgob97WvcM7EjfmXA==": { "id": "Wtvn0xgob97WvcM7EjfmXA==", "updater": "rhel-vex", "name": "CVE-2022-40304", "description": "A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free.", "issued": "2022-10-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40304 https://bugzilla.redhat.com/show_bug.cgi?id=2136288 https://www.cve.org/CVERecord?id=CVE-2022-40304 https://nvd.nist.gov/vuln/detail/CVE-2022-40304 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40304.json https://access.redhat.com/errata/RHSA-2023:0173", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8_7.1", "arch_op": "pattern match" }, "WuM9uW74v8oBxx5G+PnIsQ==": { "id": "WuM9uW74v8oBxx5G+PnIsQ==", "updater": "rhel-vex", "name": "CVE-2024-2398", "description": "A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.", "issued": "2024-03-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2398 https://bugzilla.redhat.com/show_bug.cgi?id=2270498 https://www.cve.org/CVERecord?id=CVE-2024-2398 https://nvd.nist.gov/vuln/detail/CVE-2024-2398 https://curl.se/docs/CVE-2024-2398.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2398.json https://access.redhat.com/errata/RHSA-2024:5654", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-34.el8_10.2", "arch_op": "pattern match" }, "WvmzsuJEzKkP58rPW1w/Aw==": { "id": "WvmzsuJEzKkP58rPW1w/Aw==", "updater": "rhel-vex", "name": "CVE-2023-21939", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21939 https://bugzilla.redhat.com/show_bug.cgi?id=2187724 https://www.cve.org/CVERecord?id=CVE-2023-21939 https://nvd.nist.gov/vuln/detail/CVE-2023-21939 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21939.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "WxJXyAPAm0twg0Sa6CraCQ==": { "id": "WxJXyAPAm0twg0Sa6CraCQ==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "XEpNbYE8baSeNQKfAWr65g==": { "id": "XEpNbYE8baSeNQKfAWr65g==", "updater": "rhel-vex", "name": "CVE-2024-0553", "description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "issued": "2024-01-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0553 https://bugzilla.redhat.com/show_bug.cgi?id=2258412 https://www.cve.org/CVERecord?id=CVE-2024-0553 https://nvd.nist.gov/vuln/detail/CVE-2024-0553 https://gitlab.com/gnutls/gnutls/-/issues/1522 https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0553.json https://access.redhat.com/errata/RHSA-2024:0627", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9.1", "arch_op": "pattern match" }, "XHx6qufkdiNQ4ThOPaZ7Cg==": { "id": "XHx6qufkdiNQ4ThOPaZ7Cg==", "updater": "rhel-vex", "name": "CVE-2024-45492", "description": "A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.", "issued": "2024-08-30T03:15:03Z", "links": "https://access.redhat.com/security/cve/CVE-2024-45492 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://www.cve.org/CVERecord?id=CVE-2024-45492 https://nvd.nist.gov/vuln/detail/CVE-2024-45492 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/889 https://github.com/libexpat/libexpat/pull/892 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-45492.json https://access.redhat.com/errata/RHSA-2024:6989", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-15.el8_10", "arch_op": "pattern match" }, "XIOkhF/HGo7NDscxxXolRw==": { "id": "XIOkhF/HGo7NDscxxXolRw==", "updater": "rhel-vex", "name": "CVE-2024-9287", "description": "A vulnerability has been found in the Python `venv` module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts, for example, \"source venv/bin/activate\". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated.", "issued": "2024-10-22T16:34:39Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9287 https://bugzilla.redhat.com/show_bug.cgi?id=2321440 https://www.cve.org/CVERecord?id=CVE-2024-9287 https://nvd.nist.gov/vuln/detail/CVE-2024-9287 https://github.com/python/cpython/issues/124651 https://github.com/python/cpython/pull/124712 https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9287.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "XNkilQLowK7fFFcGXGXo0g==": { "id": "XNkilQLowK7fFFcGXGXo0g==", "updater": "rhel-vex", "name": "CVE-2021-35939", "description": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35939 https://bugzilla.redhat.com/show_bug.cgi?id=1964129 https://www.cve.org/CVERecord?id=CVE-2021-35939 https://nvd.nist.gov/vuln/detail/CVE-2021-35939 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35939.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "XNlrBQKe37o7KhUU6jxS0A==": { "id": "XNlrBQKe37o7KhUU6jxS0A==", "updater": "rhel-vex", "name": "CVE-2024-21012", "description": "A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.\r\n\r\nNote: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).", "issued": "2024-04-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21012 https://bugzilla.redhat.com/show_bug.cgi?id=2274975 https://www.cve.org/CVERecord?id=CVE-2024-21012 https://nvd.nist.gov/vuln/detail/CVE-2024-21012 https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21012.json https://access.redhat.com/errata/RHSA-2024:1825", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.11.0.9-2.el8", "arch_op": "pattern match" }, "Xa22jaVc91z8CL55umm+fA==": { "id": "Xa22jaVc91z8CL55umm+fA==", "updater": "rhel-vex", "name": "CVE-2020-24736", "description": "A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-24736 https://bugzilla.redhat.com/show_bug.cgi?id=2186385 https://www.cve.org/CVERecord?id=CVE-2020-24736 https://nvd.nist.gov/vuln/detail/CVE-2020-24736 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-24736.json https://access.redhat.com/errata/RHSA-2023:3840", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-18.el8_8", "arch_op": "pattern match" }, "XhZ3hHjcK40DoUB+HlWOEg==": { "id": "XhZ3hHjcK40DoUB+HlWOEg==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" }, "Y5NtVIgOo2LjjySOhtpqgA==": { "id": "Y5NtVIgOo2LjjySOhtpqgA==", "updater": "rhel-vex", "name": "CVE-2020-35538", "description": "A vulnerability was found in libjpeg-turbo where a segmentation fault occurs due to a NULL pointer passing to jcopy_sample_rows(). You may see this error statement: \"Corrupt JPEG data: premature end of data segment\". When processed by a libjpeg-turbo, a crafted input file could cause a crash, leading to a denial of service.", "issued": "2020-07-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35538 https://bugzilla.redhat.com/show_bug.cgi?id=2122387 https://www.cve.org/CVERecord?id=CVE-2020-35538 https://nvd.nist.gov/vuln/detail/CVE-2020-35538 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35538.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libjpeg-turbo", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YC3QWljAM10wnWDHV9my8w==": { "id": "YC3QWljAM10wnWDHV9my8w==", "updater": "rhel-vex", "name": "CVE-2025-5914", "description": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5914 https://bugzilla.redhat.com/show_bug.cgi?id=2370861 https://www.cve.org/CVERecord?id=CVE-2025-5914 https://nvd.nist.gov/vuln/detail/CVE-2025-5914 https://github.com/libarchive/libarchive/pull/2598 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5914.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YN57CFin8wJMUdySgEbDDg==": { "id": "YN57CFin8wJMUdySgEbDDg==", "updater": "rhel-vex", "name": "CVE-2023-24329", "description": "A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.", "issued": "2023-02-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-24329 https://bugzilla.redhat.com/show_bug.cgi?id=2173917 https://www.cve.org/CVERecord?id=CVE-2023-24329 https://nvd.nist.gov/vuln/detail/CVE-2023-24329 https://pointernull.com/security/python-url-parse-problem.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-24329.json https://access.redhat.com/errata/RHSA-2023:3591", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.1", "arch_op": "pattern match" }, "YRGOKGOFaSHJHQuJdCol5w==": { "id": "YRGOKGOFaSHJHQuJdCol5w==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "YU7Z5U1vIuzhiGVwvleZtA==": { "id": "YU7Z5U1vIuzhiGVwvleZtA==", "updater": "rhel-vex", "name": "CVE-2022-49043", "description": "A flaw was found in libxml2 where improper handling of memory allocation failures in `libxml2` can lead to crashes, memory leaks, or inconsistent states. While an attacker cannot directly control allocation failures, they may trigger denial-of-service conditions under extreme system stress.", "issued": "2025-01-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-49043 https://bugzilla.redhat.com/show_bug.cgi?id=2342118 https://www.cve.org/CVERecord?id=CVE-2022-49043 https://nvd.nist.gov/vuln/detail/CVE-2022-49043 https://github.com/php/php-src/issues/17467 https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-49043.json https://access.redhat.com/errata/RHSA-2025:1517", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_10.2", "arch_op": "pattern match" }, "YiJlkUTKf0/7+ORZMmQ2cw==": { "id": "YiJlkUTKf0/7+ORZMmQ2cw==", "updater": "rhel-vex", "name": "CVE-2025-25724", "description": "A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "issued": "2025-03-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-25724 https://bugzilla.redhat.com/show_bug.cgi?id=2349221 https://www.cve.org/CVERecord?id=CVE-2025-25724 https://nvd.nist.gov/vuln/detail/CVE-2025-25724 https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 https://github.com/Ekkosun/pocs/blob/main/bsdtarbug https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-25724.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YlNwNNYhMhxVXKAMARrRXA==": { "id": "YlNwNNYhMhxVXKAMARrRXA==", "updater": "rhel-vex", "name": "CVE-2020-19186", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a buffer over-read, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19186 https://bugzilla.redhat.com/show_bug.cgi?id=2234908 https://www.cve.org/CVERecord?id=CVE-2020-19186 https://nvd.nist.gov/vuln/detail/CVE-2020-19186 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19186.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YxArgGZ2k3AOfJkjsHVAEg==": { "id": "YxArgGZ2k3AOfJkjsHVAEg==", "updater": "rhel-vex", "name": "CVE-2019-9937", "description": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9937 https://bugzilla.redhat.com/show_bug.cgi?id=1692357 https://www.cve.org/CVERecord?id=CVE-2019-9937 https://nvd.nist.gov/vuln/detail/CVE-2019-9937 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9937.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Z2gVqii6wCj6i+vSsYJAfQ==": { "id": "Z2gVqii6wCj6i+vSsYJAfQ==", "updater": "rhel-vex", "name": "CVE-2023-27536", "description": "A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, the GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting krb5/kerberos/negotiate/GSSAPI transfers.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27536 https://bugzilla.redhat.com/show_bug.cgi?id=2179092 https://www.cve.org/CVERecord?id=CVE-2023-27536 https://nvd.nist.gov/vuln/detail/CVE-2023-27536 https://curl.se/docs/CVE-2023-27536.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27536.json https://access.redhat.com/errata/RHSA-2023:4523", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.3", "arch_op": "pattern match" }, "ZAEbqGvurMVFPbaWIUuMsQ==": { "id": "ZAEbqGvurMVFPbaWIUuMsQ==", "updater": "rhel-vex", "name": "CVE-2022-42898", "description": "A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service to crash.", "issued": "2022-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42898 https://bugzilla.redhat.com/show_bug.cgi?id=2140960 https://www.cve.org/CVERecord?id=CVE-2022-42898 https://nvd.nist.gov/vuln/detail/CVE-2022-42898 https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42898.json https://access.redhat.com/errata/RHSA-2022:8638", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-22.el8_7", "arch_op": "pattern match" }, "ZCt0yW434CaDOfVm9geRKw==": { "id": "ZCt0yW434CaDOfVm9geRKw==", "updater": "rhel-vex", "name": "CVE-2023-38473", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38473 https://bugzilla.redhat.com/show_bug.cgi?id=2191694 https://www.cve.org/CVERecord?id=CVE-2023-38473 https://nvd.nist.gov/vuln/detail/CVE-2023-38473 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38473.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "ZDI3BbfBdOVsLpV2RldMaA==": { "id": "ZDI3BbfBdOVsLpV2RldMaA==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "ZGYWl+p1RrOT0HzaEzSTjg==": { "id": "ZGYWl+p1RrOT0HzaEzSTjg==", "updater": "rhel-vex", "name": "CVE-2022-33068", "description": "A vulnerability found in harfbuzz. An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service (DoS) via unspecified vectors.", "issued": "2022-06-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-33068 https://bugzilla.redhat.com/show_bug.cgi?id=2102608 https://www.cve.org/CVERecord?id=CVE-2022-33068 https://nvd.nist.gov/vuln/detail/CVE-2022-33068 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-33068.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "ZGazKGaEIFJr/qgYuwClNg==": { "id": "ZGazKGaEIFJr/qgYuwClNg==", "updater": "rhel-vex", "name": "CVE-2024-21147", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "issued": "2024-07-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21147 https://bugzilla.redhat.com/show_bug.cgi?id=2297977 https://www.cve.org/CVERecord?id=CVE-2024-21147 https://nvd.nist.gov/vuln/detail/CVE-2024-21147 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21147.json https://access.redhat.com/errata/RHSA-2024:4568", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.12.0.7-2.el8", "arch_op": "pattern match" }, "ZINV7lyZu9XBwDcnEkkOmQ==": { "id": "ZINV7lyZu9XBwDcnEkkOmQ==", "updater": "rhel-vex", "name": "CVE-2023-5981", "description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "issued": "2023-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5981 https://bugzilla.redhat.com/show_bug.cgi?id=2248445 https://www.cve.org/CVERecord?id=CVE-2023-5981 https://nvd.nist.gov/vuln/detail/CVE-2023-5981 https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5981.json https://access.redhat.com/errata/RHSA-2024:0155", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9", "arch_op": "pattern match" }, "ZNUx9b6Gk9ggFU4V1BHIPQ==": { "id": "ZNUx9b6Gk9ggFU4V1BHIPQ==", "updater": "rhel-vex", "name": "CVE-2024-21235", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).", "issued": "2024-10-15T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21235 https://bugzilla.redhat.com/show_bug.cgi?id=2318534 https://www.cve.org/CVERecord?id=CVE-2024-21235 https://nvd.nist.gov/vuln/detail/CVE-2024-21235 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21235.json https://access.redhat.com/errata/RHSA-2024:8124", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.13.0.11-3.el8", "arch_op": "pattern match" }, "ZSIgoENQ6JuxP4rnSyyi7Q==": { "id": "ZSIgoENQ6JuxP4rnSyyi7Q==", "updater": "rhel-vex", "name": "CVE-2018-20657", "description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.", "issued": "2018-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20657 https://bugzilla.redhat.com/show_bug.cgi?id=1664708 https://www.cve.org/CVERecord?id=CVE-2018-20657 https://nvd.nist.gov/vuln/detail/CVE-2018-20657 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20657.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZlXiwfrkwH4AKEF9SpVZyA==": { "id": "ZlXiwfrkwH4AKEF9SpVZyA==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "Zp9+pixFuNBueE2yO610gQ==": { "id": "Zp9+pixFuNBueE2yO610gQ==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZvX4VR3jvMBd1Wq+RxNTgg==": { "id": "ZvX4VR3jvMBd1Wq+RxNTgg==", "updater": "rhel-vex", "name": "CVE-2020-35512", "description": "A use-after-free flaw was found in D-Bus when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors.", "issued": "2020-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35512 https://bugzilla.redhat.com/show_bug.cgi?id=1909101 https://www.cve.org/CVERecord?id=CVE-2020-35512 https://nvd.nist.gov/vuln/detail/CVE-2020-35512 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35512.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "dbus", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a067YUjLHWzR99JNl/RtGQ==": { "id": "a067YUjLHWzR99JNl/RtGQ==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a2WzG6eILX6PH58wZxT/eg==": { "id": "a2WzG6eILX6PH58wZxT/eg==", "updater": "rhel-vex", "name": "CVE-2024-12243", "description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "issued": "2025-02-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12243 https://bugzilla.redhat.com/show_bug.cgi?id=2344615 https://www.cve.org/CVERecord?id=CVE-2024-12243 https://nvd.nist.gov/vuln/detail/CVE-2024-12243 https://gitlab.com/gnutls/libtasn1/-/issues/52 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12243.json https://access.redhat.com/errata/RHSA-2025:4051", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_10.3", "arch_op": "pattern match" }, "a6VkbY6DpPyOiIT3w0aLQA==": { "id": "a6VkbY6DpPyOiIT3w0aLQA==", "updater": "rhel-vex", "name": "CVE-2023-29491", "description": "A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "issued": "2023-04-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29491 https://bugzilla.redhat.com/show_bug.cgi?id=2191704 https://www.cve.org/CVERecord?id=CVE-2023-29491 https://nvd.nist.gov/vuln/detail/CVE-2023-29491 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29491.json https://access.redhat.com/errata/RHSA-2023:5249", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "ncurses-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:6.1-9.20180224.el8_8.1", "arch_op": "pattern match" }, "a6WklDYhYXKGRIopjXMKuw==": { "id": "a6WklDYhYXKGRIopjXMKuw==", "updater": "rhel-vex", "name": "CVE-2019-2201", "description": "In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338", "issued": "2019-07-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-2201 https://bugzilla.redhat.com/show_bug.cgi?id=1770982 https://www.cve.org/CVERecord?id=CVE-2019-2201 https://nvd.nist.gov/vuln/detail/CVE-2019-2201 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-2201.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libjpeg-turbo", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aIssfXhXh+O9Q6gT9fzA4Q==": { "id": "aIssfXhXh+O9Q6gT9fzA4Q==", "updater": "rhel-vex", "name": "CVE-2025-4435", "description": "A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms.", "issued": "2025-06-03T12:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4435 https://bugzilla.redhat.com/show_bug.cgi?id=2370010 https://www.cve.org/CVERecord?id=CVE-2025-4435 https://nvd.nist.gov/vuln/detail/CVE-2025-4435 https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a https://github.com/python/cpython/issues/135034 https://github.com/python/cpython/pull/135037 https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4435.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aN5J80ZvkGBs2zb1EoCKAw==": { "id": "aN5J80ZvkGBs2zb1EoCKAw==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "aVK7ciiDea8theCZAMJkqQ==": { "id": "aVK7ciiDea8theCZAMJkqQ==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "aW0iaUuIHg86jDWhWtL7pQ==": { "id": "aW0iaUuIHg86jDWhWtL7pQ==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "aXKVm7Dm+JnzHeNplsbXnA==": { "id": "aXKVm7Dm+JnzHeNplsbXnA==", "updater": "rhel-vex", "name": "CVE-2021-43618", "description": "A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability.", "issued": "2021-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-43618 https://bugzilla.redhat.com/show_bug.cgi?id=2024904 https://www.cve.org/CVERecord?id=CVE-2021-43618 https://nvd.nist.gov/vuln/detail/CVE-2021-43618 https://bugs.debian.org/994405 https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-43618.json https://access.redhat.com/errata/RHSA-2024:3214", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "gmp", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:6.1.2-11.el8", "arch_op": "pattern match" }, "aoTbGkTpK3FwA+kn6HQBnw==": { "id": "aoTbGkTpK3FwA+kn6HQBnw==", "updater": "rhel-vex", "name": "CVE-2023-6135", "description": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.", "issued": "2023-12-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6135 https://bugzilla.redhat.com/show_bug.cgi?id=2249906 https://www.cve.org/CVERecord?id=CVE-2023-6135 https://nvd.nist.gov/vuln/detail/CVE-2023-6135 https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6135.json https://access.redhat.com/errata/RHSA-2024:0786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-6.el8_9", "arch_op": "pattern match" }, "arc3e7T1PhjZvuuztkD40g==": { "id": "arc3e7T1PhjZvuuztkD40g==", "updater": "rhel-vex", "name": "CVE-2023-2953", "description": "A vulnerability was found in OpenLDAP, in ber_memalloc_x() function, leading to a null pointer dereference. This flaw can result in reduced system memory and cause LDAP authentication failures. The impact is primarily a disruption in authentication processes, which may hinder user access or service operations relying on LDAP for authentication.", "issued": "2023-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2953 https://bugzilla.redhat.com/show_bug.cgi?id=2210651 https://www.cve.org/CVERecord?id=CVE-2023-2953 https://nvd.nist.gov/vuln/detail/CVE-2023-2953 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2953.json https://access.redhat.com/errata/RHSA-2024:4264", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openldap", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.4.46-19.el8_10", "arch_op": "pattern match" }, "avCxxosOVggwZGQXgntvFQ==": { "id": "avCxxosOVggwZGQXgntvFQ==", "updater": "rhel-vex", "name": "CVE-2020-19185", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19185 https://bugzilla.redhat.com/show_bug.cgi?id=2234924 https://www.cve.org/CVERecord?id=CVE-2020-19185 https://nvd.nist.gov/vuln/detail/CVE-2020-19185 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19185.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ay8SZz7e5oUxSq/eln9epA==": { "id": "ay8SZz7e5oUxSq/eln9epA==", "updater": "rhel-vex", "name": "CVE-2023-34969", "description": "An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection (dbus-monitor, busctl monitor, gdbus monitor, or similar) is active, and a message from the bus driver cannot be delivered to a client connection due to \u003cdeny\u003e rules or outgoing message quota. If a privileged user with control over the dbus-daemon is monitoring the message bus traffic using the Monitoring clients like the dbus-monitor or busctl monitor interfaces, then an unprivileged local user with the ability to connect to the same dbus-daemon could send specially crafted request, causing a dbus-daemon to crash, resulting in a denial of service under some circumstances.", "issued": "2023-06-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-34969 https://bugzilla.redhat.com/show_bug.cgi?id=2213166 https://www.cve.org/CVERecord?id=CVE-2023-34969 https://nvd.nist.gov/vuln/detail/CVE-2023-34969 https://gitlab.freedesktop.org/dbus/dbus/-/issues/457 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-34969.json https://access.redhat.com/errata/RHSA-2023:4498", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-24.el8_8.1", "arch_op": "pattern match" }, "b5pHLo6BzI2vDWL/bZbKhg==": { "id": "b5pHLo6BzI2vDWL/bZbKhg==", "updater": "rhel-vex", "name": "CVE-2023-22045", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22045 https://bugzilla.redhat.com/show_bug.cgi?id=2221645 https://www.cve.org/CVERecord?id=CVE-2023-22045 https://nvd.nist.gov/vuln/detail/CVE-2023-22045 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22045.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "b6nJlqhDXyHanx5z6KpLBA==": { "id": "b6nJlqhDXyHanx5z6KpLBA==", "updater": "rhel-vex", "name": "CVE-2024-6602", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6602 https://bugzilla.redhat.com/show_bug.cgi?id=2296637 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://nvd.nist.gov/vuln/detail/CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6602.json https://access.redhat.com/errata/RHBA-2024:6680", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-util", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.101.0-7.el8_8", "arch_op": "pattern match" }, "bCmMOQnPYWaCVArfmlcGNA==": { "id": "bCmMOQnPYWaCVArfmlcGNA==", "updater": "rhel-vex", "name": "CVE-2025-24528", "description": "A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.", "issued": "2024-01-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-24528 https://bugzilla.redhat.com/show_bug.cgi?id=2342796 https://www.cve.org/CVERecord?id=CVE-2025-24528 https://nvd.nist.gov/vuln/detail/CVE-2025-24528 https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-24528.json https://access.redhat.com/errata/RHSA-2025:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-31.el8_10", "arch_op": "pattern match" }, "bG/xFPRLORcdoTEuIWFoCA==": { "id": "bG/xFPRLORcdoTEuIWFoCA==", "updater": "rhel-vex", "name": "CVE-2024-12133", "description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "issued": "2025-02-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12133 https://bugzilla.redhat.com/show_bug.cgi?id=2344611 https://www.cve.org/CVERecord?id=CVE-2024-12133 https://nvd.nist.gov/vuln/detail/CVE-2024-12133 https://gitlab.com/gnutls/libtasn1/-/issues/52 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12133.json https://access.redhat.com/errata/RHSA-2025:4049", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.13-5.el8_10", "arch_op": "pattern match" }, "baJCEw0uHdQWt5sQYv4JwQ==": { "id": "baJCEw0uHdQWt5sQYv4JwQ==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "bo89sJ5bpNwiYs1HKmEhew==": { "id": "bo89sJ5bpNwiYs1HKmEhew==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "breeo2G1CL/f9vP/mBuGqg==": { "id": "breeo2G1CL/f9vP/mBuGqg==", "updater": "rhel-vex", "name": "CVE-2023-6135", "description": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.", "issued": "2023-12-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6135 https://bugzilla.redhat.com/show_bug.cgi?id=2249906 https://www.cve.org/CVERecord?id=CVE-2023-6135 https://nvd.nist.gov/vuln/detail/CVE-2023-6135 https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6135.json https://access.redhat.com/errata/RHSA-2024:0786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-softokn-freebl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-6.el8_9", "arch_op": "pattern match" }, "c3EBqCsce61MGNOLAQRoFQ==": { "id": "c3EBqCsce61MGNOLAQRoFQ==", "updater": "rhel-vex", "name": "CVE-2021-35937", "description": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35937 https://bugzilla.redhat.com/show_bug.cgi?id=1964125 https://www.cve.org/CVERecord?id=CVE-2021-35937 https://nvd.nist.gov/vuln/detail/CVE-2021-35937 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35937.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "c7NVXfTsTMVF7aSpsUVoAg==": { "id": "c7NVXfTsTMVF7aSpsUVoAg==", "updater": "rhel-vex", "name": "CVE-2023-29469", "description": "A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29469 https://bugzilla.redhat.com/show_bug.cgi?id=2185984 https://www.cve.org/CVERecord?id=CVE-2023-29469 https://nvd.nist.gov/vuln/detail/CVE-2023-29469 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29469.json https://access.redhat.com/errata/RHSA-2023:4529", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-16.el8_8.1", "arch_op": "pattern match" }, "c9IP9u5A7MOStA19b+RjKw==": { "id": "c9IP9u5A7MOStA19b+RjKw==", "updater": "rhel-vex", "name": "CVE-2023-28322", "description": "A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application.", "issued": "2023-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28322 https://bugzilla.redhat.com/show_bug.cgi?id=2196793 https://www.cve.org/CVERecord?id=CVE-2023-28322 https://nvd.nist.gov/vuln/detail/CVE-2023-28322 https://curl.se/docs/CVE-2023-28322.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28322.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "cCowLuOsLfTMmPFOoqUVww==": { "id": "cCowLuOsLfTMmPFOoqUVww==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cLjtH8DMGP9rRcR7G0FwXQ==": { "id": "cLjtH8DMGP9rRcR7G0FwXQ==", "updater": "rhel-vex", "name": "CVE-2024-35235", "description": "A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this issue can result in the change of permission of any user or system files to be world writable.", "issued": "2024-06-11T14:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-35235 https://bugzilla.redhat.com/show_bug.cgi?id=2290318 https://www.cve.org/CVERecord?id=CVE-2024-35235 https://nvd.nist.gov/vuln/detail/CVE-2024-35235 https://seclists.org/oss-sec/2024/q2/277 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-35235.json https://access.redhat.com/errata/RHSA-2024:4265", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-60.el8_10", "arch_op": "pattern match" }, "cXcVRNX0Kbtuz9UuQfmUNw==": { "id": "cXcVRNX0Kbtuz9UuQfmUNw==", "updater": "rhel-vex", "name": "CVE-2016-3709", "description": "A Cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document.", "issued": "2016-08-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2016-3709 https://bugzilla.redhat.com/show_bug.cgi?id=2112766 https://www.cve.org/CVERecord?id=CVE-2016-3709 https://nvd.nist.gov/vuln/detail/CVE-2016-3709 https://security.access.redhat.com/data/csaf/v2/vex/2016/cve-2016-3709.json https://access.redhat.com/errata/RHSA-2022:7715", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8", "arch_op": "pattern match" }, "cgK5G78up7raRd8LrOZKNw==": { "id": "cgK5G78up7raRd8LrOZKNw==", "updater": "rhel-vex", "name": "CVE-2023-32324", "description": "A flaw was found in the Cups package. A buffer overflow vulnerability in the |format_log_line| function could allow remote attackers to cause a denial of service. Exploitation is only possible when the configuration file, cupsd.conf, has the value of loglevel set to DEBUG.", "issued": "2023-06-01T10:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32324 https://bugzilla.redhat.com/show_bug.cgi?id=2209603 https://www.cve.org/CVERecord?id=CVE-2023-32324 https://nvd.nist.gov/vuln/detail/CVE-2023-32324 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32324.json https://access.redhat.com/errata/RHSA-2023:7165", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-54.el8_9", "arch_op": "pattern match" }, "cmqla8jisnjS+p+DA0529w==": { "id": "cmqla8jisnjS+p+DA0529w==", "updater": "rhel-vex", "name": "CVE-2023-25193", "description": "A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", "issued": "2023-02-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-25193 https://bugzilla.redhat.com/show_bug.cgi?id=2167254 https://www.cve.org/CVERecord?id=CVE-2023-25193 https://nvd.nist.gov/vuln/detail/CVE-2023-25193 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-25193.json https://access.redhat.com/errata/RHSA-2024:2980", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "harfbuzz", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:1.7.5-4.el8", "arch_op": "pattern match" }, "dKTnwBWQXrodDyq0efE+iA==": { "id": "dKTnwBWQXrodDyq0efE+iA==", "updater": "rhel-vex", "name": "CVE-2022-40303", "description": "A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation.", "issued": "2022-10-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40303 https://bugzilla.redhat.com/show_bug.cgi?id=2136266 https://www.cve.org/CVERecord?id=CVE-2022-40303 https://nvd.nist.gov/vuln/detail/CVE-2022-40303 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40303.json https://access.redhat.com/errata/RHSA-2023:0173", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-15.el8_7.1", "arch_op": "pattern match" }, "dP3lH6efxI+rDx/3sfqhTQ==": { "id": "dP3lH6efxI+rDx/3sfqhTQ==", "updater": "rhel-vex", "name": "CVE-2020-11023", "description": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", "issued": "2020-04-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-11023 https://bugzilla.redhat.com/show_bug.cgi?id=1850004 https://www.cve.org/CVERecord?id=CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-11023.json https://access.redhat.com/errata/RHSA-2025:1301", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:8.5.0-23.el8_10", "arch_op": "pattern match" }, "dTu/y4C8jFna4JvXmym/NQ==": { "id": "dTu/y4C8jFna4JvXmym/NQ==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "dUct0H4Fen89ZeNxqRrDMg==": { "id": "dUct0H4Fen89ZeNxqRrDMg==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "dhMoh9p3gbOIA7u0sGqGCQ==": { "id": "dhMoh9p3gbOIA7u0sGqGCQ==", "updater": "rhel-vex", "name": "CVE-2015-20107", "description": "A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input.", "issued": "2015-08-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2015-20107 https://bugzilla.redhat.com/show_bug.cgi?id=2075390 https://www.cve.org/CVERecord?id=CVE-2015-20107 https://nvd.nist.gov/vuln/detail/CVE-2015-20107 https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html https://security.access.redhat.com/data/csaf/v2/vex/2015/cve-2015-20107.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "do9QkBm4gctUE+HcvuyHiQ==": { "id": "do9QkBm4gctUE+HcvuyHiQ==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "eEIOPn4/BUr8ja4EtI6IHQ==": { "id": "eEIOPn4/BUr8ja4EtI6IHQ==", "updater": "rhel-vex", "name": "CVE-2023-38471", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38471 https://bugzilla.redhat.com/show_bug.cgi?id=2191691 https://www.cve.org/CVERecord?id=CVE-2023-38471 https://nvd.nist.gov/vuln/detail/CVE-2023-38471 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38471.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "eGsbfyK/NIuDPMhuewKzbg==": { "id": "eGsbfyK/NIuDPMhuewKzbg==", "updater": "rhel-vex", "name": "CVE-2024-21094", "description": "A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.\r\n\r\nNote: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2024-04-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21094 https://bugzilla.redhat.com/show_bug.cgi?id=2275005 https://www.cve.org/CVERecord?id=CVE-2024-21094 https://nvd.nist.gov/vuln/detail/CVE-2024-21094 https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21094.json https://access.redhat.com/errata/RHSA-2024:1825", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.11.0.9-2.el8", "arch_op": "pattern match" }, "eIxHveLHtbaG2Gvw5MNLGw==": { "id": "eIxHveLHtbaG2Gvw5MNLGw==", "updater": "rhel-vex", "name": "CVE-2023-28322", "description": "A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application.", "issued": "2023-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28322 https://bugzilla.redhat.com/show_bug.cgi?id=2196793 https://www.cve.org/CVERecord?id=CVE-2023-28322 https://nvd.nist.gov/vuln/detail/CVE-2023-28322 https://curl.se/docs/CVE-2023-28322.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28322.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "eNwsUNYw4TmBGCsePQ1C+w==": { "id": "eNwsUNYw4TmBGCsePQ1C+w==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "eOlvg4lqTz3Su6Gyzrf9Ag==": { "id": "eOlvg4lqTz3Su6Gyzrf9Ag==", "updater": "rhel-vex", "name": "CVE-2023-6918", "description": "A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6918 https://bugzilla.redhat.com/show_bug.cgi?id=2254997 https://www.cve.org/CVERecord?id=CVE-2023-6918 https://nvd.nist.gov/vuln/detail/CVE-2023-6918 https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ https://www.libssh.org/security/advisories/CVE-2023-6918.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6918.json https://access.redhat.com/errata/RHSA-2024:3233", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-14.el8", "arch_op": "pattern match" }, "eTtgQuxLR2tdfiRwFY3Gjw==": { "id": "eTtgQuxLR2tdfiRwFY3Gjw==", "updater": "rhel-vex", "name": "CVE-2022-27776", "description": "A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom `Authorization:` or `Cookie:`headers. Those headers often contain privacy-sensitive information or data.", "issued": "2022-04-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27776 https://bugzilla.redhat.com/show_bug.cgi?id=2078408 https://www.cve.org/CVERecord?id=CVE-2022-27776 https://nvd.nist.gov/vuln/detail/CVE-2022-27776 https://curl.se/docs/CVE-2022-27776.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27776.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "eUbosfSkltEvzBkXVc+Bqw==": { "id": "eUbosfSkltEvzBkXVc+Bqw==", "updater": "rhel-vex", "name": "CVE-2022-21619", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21619 https://bugzilla.redhat.com/show_bug.cgi?id=2133745 https://www.cve.org/CVERecord?id=CVE-2022-21619 https://nvd.nist.gov/vuln/detail/CVE-2022-21619 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21619.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "efY13QnKfvccAqcHDbXHGg==": { "id": "efY13QnKfvccAqcHDbXHGg==", "updater": "rhel-vex", "name": "CVE-2023-38472", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38472 https://bugzilla.redhat.com/show_bug.cgi?id=2191692 https://www.cve.org/CVERecord?id=CVE-2023-38472 https://nvd.nist.gov/vuln/detail/CVE-2023-38472 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38472.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "eqoqeJN8gMUINJLH2PXP7g==": { "id": "eqoqeJN8gMUINJLH2PXP7g==", "updater": "rhel-vex", "name": "CVE-2018-1000654", "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "issued": "2018-08-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000654 https://bugzilla.redhat.com/show_bug.cgi?id=1621972 https://www.cve.org/CVERecord?id=CVE-2018-1000654 https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000654.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ewHp/5RPgtChNiB8fQaApQ==": { "id": "ewHp/5RPgtChNiB8fQaApQ==", "updater": "rhel-vex", "name": "CVE-2020-21674", "description": "Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.", "issued": "2019-12-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-21674 https://bugzilla.redhat.com/show_bug.cgi?id=1888786 https://www.cve.org/CVERecord?id=CVE-2020-21674 https://nvd.nist.gov/vuln/detail/CVE-2020-21674 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-21674.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ey8J9hZfodcj21DYLkBN5Q==": { "id": "ey8J9hZfodcj21DYLkBN5Q==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "f+mifhQGaTax4VvJBSCSpg==": { "id": "f+mifhQGaTax4VvJBSCSpg==", "updater": "rhel-vex", "name": "CVE-2022-48560", "description": "A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48560 https://bugzilla.redhat.com/show_bug.cgi?id=2249755 https://www.cve.org/CVERecord?id=CVE-2022-48560 https://nvd.nist.gov/vuln/detail/CVE-2022-48560 https://bugs.python.org/issue39421 https://github.com/python/cpython/issues/83602 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48560.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "f07gzc6bhMznO+y2blff4w==": { "id": "f07gzc6bhMznO+y2blff4w==", "updater": "rhel-vex", "name": "CVE-2024-4032", "description": "A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4032 https://bugzilla.redhat.com/show_bug.cgi?id=2292921 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://nvd.nist.gov/vuln/detail/CVE-2024-4032 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4032.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "f0km1zTP88JT7aYTZ7d8MQ==": { "id": "f0km1zTP88JT7aYTZ7d8MQ==", "updater": "rhel-vex", "name": "CVE-2023-46218", "description": "A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set \"super cookies\" in curl that are passed back to more origins than what is otherwise allowed or possible.", "issued": "2023-12-06T07:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-46218 https://bugzilla.redhat.com/show_bug.cgi?id=2252030 https://www.cve.org/CVERecord?id=CVE-2023-46218 https://nvd.nist.gov/vuln/detail/CVE-2023-46218 https://curl.se/docs/CVE-2023-46218.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-46218.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "fExn+ODrunWOcAM6sOMY2Q==": { "id": "fExn+ODrunWOcAM6sOMY2Q==", "updater": "rhel-vex", "name": "CVE-2020-10735", "description": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", "issued": "2022-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-10735 https://bugzilla.redhat.com/show_bug.cgi?id=1834423 https://www.cve.org/CVERecord?id=CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-10735.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "fKt72w71goWuZiVh+wHa+g==": { "id": "fKt72w71goWuZiVh+wHa+g==", "updater": "rhel-vex", "name": "CVE-2022-43680", "description": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.", "issued": "2022-10-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-43680 https://bugzilla.redhat.com/show_bug.cgi?id=2140059 https://www.cve.org/CVERecord?id=CVE-2022-43680 https://nvd.nist.gov/vuln/detail/CVE-2022-43680 https://github.com/libexpat/libexpat/issues/649 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-43680.json https://access.redhat.com/errata/RHSA-2023:0103", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-10.el8_7.1", "arch_op": "pattern match" }, "fXpWtuXNPi3tb2edhk37bw==": { "id": "fXpWtuXNPi3tb2edhk37bw==", "updater": "rhel-vex", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "2024-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://www.cve.org/CVERecord?id=CVE-2024-2236 https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2236.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fayrPya6DVXP9weWvA6obQ==": { "id": "fayrPya6DVXP9weWvA6obQ==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fbasw5HIvtLhMJi0PCBjEA==": { "id": "fbasw5HIvtLhMJi0PCBjEA==", "updater": "rhel-vex", "name": "CVE-2023-7104", "description": "A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur.", "issued": "2023-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-7104 https://bugzilla.redhat.com/show_bug.cgi?id=2256194 https://www.cve.org/CVERecord?id=CVE-2023-7104 https://nvd.nist.gov/vuln/detail/CVE-2023-7104 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-7104.json https://access.redhat.com/errata/RHSA-2024:0253", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-19.el8_9", "arch_op": "pattern match" }, "ffHVt37/ZGxBo8sMZpdwQQ==": { "id": "ffHVt37/ZGxBo8sMZpdwQQ==", "updater": "rhel-vex", "name": "CVE-2022-21549", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2022-07-19T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21549 https://bugzilla.redhat.com/show_bug.cgi?id=2108547 https://www.cve.org/CVERecord?id=CVE-2022-21549 https://nvd.nist.gov/vuln/detail/CVE-2022-21549 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21549.json https://access.redhat.com/errata/RHSA-2022:5726", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.4.0.8-2.el8_6", "arch_op": "pattern match" }, "fotaIKpz80a9St4ZCdXtGg==": { "id": "fotaIKpz80a9St4ZCdXtGg==", "updater": "rhel-vex", "name": "CVE-2020-35525", "description": "A NULL pointer dereference flaw was found in select.c of SQLite. An out-of-memory error occurs while an early out on the INTERSECT query is processing. This flaw allows an attacker to execute a potential NULL pointer dereference.", "issued": "2020-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35525 https://bugzilla.redhat.com/show_bug.cgi?id=2122324 https://www.cve.org/CVERecord?id=CVE-2020-35525 https://nvd.nist.gov/vuln/detail/CVE-2020-35525 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35525.json https://access.redhat.com/errata/RHSA-2022:7108", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-16.el8_6", "arch_op": "pattern match" }, "fsOyUQZjzqQ9jgr0bJS+gA==": { "id": "fsOyUQZjzqQ9jgr0bJS+gA==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "fvGjL9hw9hDQockMTb7lrA==": { "id": "fvGjL9hw9hDQockMTb7lrA==", "updater": "rhel-vex", "name": "CVE-2021-4209", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", "issued": "2021-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4209 https://bugzilla.redhat.com/show_bug.cgi?id=2044156 https://www.cve.org/CVERecord?id=CVE-2021-4209 https://nvd.nist.gov/vuln/detail/CVE-2021-4209 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4209.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "g5LZdgQezHXnQfGOzFdKXw==": { "id": "g5LZdgQezHXnQfGOzFdKXw==", "updater": "rhel-vex", "name": "CVE-2025-47273", "description": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools.", "issued": "2025-05-17T15:46:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-47273 https://bugzilla.redhat.com/show_bug.cgi?id=2366982 https://www.cve.org/CVERecord?id=CVE-2025-47273 https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-47273.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python-setuptools", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gO6zvBRDTB4rta0/41e1gQ==": { "id": "gO6zvBRDTB4rta0/41e1gQ==", "updater": "rhel-vex", "name": "CVE-2025-32415", "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "issued": "2025-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-32415 https://bugzilla.redhat.com/show_bug.cgi?id=2360768 https://www.cve.org/CVERecord?id=CVE-2025-32415 https://nvd.nist.gov/vuln/detail/CVE-2025-32415 https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-32415.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gVESKEIZBaB5Ell+PC1whQ==": { "id": "gVESKEIZBaB5Ell+PC1whQ==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "gY0X2Ivz08MuFcbtUAjw4Q==": { "id": "gY0X2Ivz08MuFcbtUAjw4Q==", "updater": "rhel-vex", "name": "CVE-2022-2068", "description": "A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the `c_rehash` script where it possibly passed the file names of certificates being hashed to a command executed through the shell. Some operating systems distribute this script in a manner where it is automatically executed. On these operating systems, this flaw allows an attacker to execute arbitrary commands with the privileges of the script.", "issued": "2022-06-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2068 https://bugzilla.redhat.com/show_bug.cgi?id=2097310 https://www.cve.org/CVERecord?id=CVE-2022-2068 https://nvd.nist.gov/vuln/detail/CVE-2022-2068 https://www.openssl.org/news/secadv/20220621.txt https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2068.json https://access.redhat.com/errata/RHSA-2022:5818", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-7.el8_6", "arch_op": "pattern match" }, "gZak1oPB4mrHNgIOnZCrjg==": { "id": "gZak1oPB4mrHNgIOnZCrjg==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467 https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902 https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65 https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86 https://openssl-library.org/news/secadv/20250120.txt https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gagftKXuSuh9pi4dRu9yPQ==": { "id": "gagftKXuSuh9pi4dRu9yPQ==", "updater": "rhel-vex", "name": "CVE-2024-2511", "description": "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv1.3 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", "issued": "2024-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2511 https://bugzilla.redhat.com/show_bug.cgi?id=2274020 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://www.openssl.org/news/vulnerabilities.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2511.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gcwLQ0nzcXGeX+WVj5zBaA==": { "id": "gcwLQ0nzcXGeX+WVj5zBaA==", "updater": "rhel-vex", "name": "CVE-2023-5455", "description": "A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.", "issued": "2024-01-10T06:30:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5455 https://bugzilla.redhat.com/show_bug.cgi?id=2242828 https://www.cve.org/CVERecord?id=CVE-2023-5455 https://nvd.nist.gov/vuln/detail/CVE-2023-5455 https://www.freeipa.org/release-notes/4-10-3.html https://www.freeipa.org/release-notes/4-11-1.html https://www.freeipa.org/release-notes/4-6-10.html https://www.freeipa.org/release-notes/4-9-14.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5455.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gnPnOLbj2/V0jyJHgTPljA==": { "id": "gnPnOLbj2/V0jyJHgTPljA==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "gqNlp+zMbwHq1FhCyd5krQ==": { "id": "gqNlp+zMbwHq1FhCyd5krQ==", "updater": "rhel-vex", "name": "CVE-2023-48795", "description": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48795 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://www.cve.org/CVERecord?id=CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://access.redhat.com/solutions/7071748 https://terrapin-attack.com/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48795.json https://access.redhat.com/errata/RHSA-2024:0628", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-13.el8_9", "arch_op": "pattern match" }, "gwgU9MEYef7tGC9huNJmjA==": { "id": "gwgU9MEYef7tGC9huNJmjA==", "updater": "rhel-vex", "name": "CVE-2022-2509", "description": "A vulnerability was found in gnutls. This issue is due to a double-free error that occurs during the verification of pkcs7 signatures in the gnutls_pkcs7_verify function.", "issued": "2022-07-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2509 https://bugzilla.redhat.com/show_bug.cgi?id=2108977 https://www.cve.org/CVERecord?id=CVE-2022-2509 https://nvd.nist.gov/vuln/detail/CVE-2022-2509 https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07 https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2509.json https://access.redhat.com/errata/RHSA-2022:7105", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-5.el8_6", "arch_op": "pattern match" }, "h9JXqFcXq7vA+7yXIEuGfQ==": { "id": "h9JXqFcXq7vA+7yXIEuGfQ==", "updater": "rhel-vex", "name": "CVE-2023-38470", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38470 https://bugzilla.redhat.com/show_bug.cgi?id=2191690 https://www.cve.org/CVERecord?id=CVE-2023-38470 https://nvd.nist.gov/vuln/detail/CVE-2023-38470 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38470.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "hTubippsZ0CGktd0YrC9Iw==": { "id": "hTubippsZ0CGktd0YrC9Iw==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" }, "havwgv5z7TxcCEPKPQ7K9Q==": { "id": "havwgv5z7TxcCEPKPQ7K9Q==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "hmeqTWiD2AyHreDwAk5zEA==": { "id": "hmeqTWiD2AyHreDwAk5zEA==", "updater": "rhel-vex", "name": "CVE-2024-45491", "description": "An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.", "issued": "2024-08-30T03:15:03Z", "links": "https://access.redhat.com/security/cve/CVE-2024-45491 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://www.cve.org/CVERecord?id=CVE-2024-45491 https://nvd.nist.gov/vuln/detail/CVE-2024-45491 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/888 https://github.com/libexpat/libexpat/pull/891 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-45491.json https://access.redhat.com/errata/RHSA-2024:6989", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-15.el8_10", "arch_op": "pattern match" }, "hppUsF0legX7lWORapWe7g==": { "id": "hppUsF0legX7lWORapWe7g==", "updater": "rhel-vex", "name": "CVE-2024-6232", "description": "A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.", "issued": "2024-09-03T13:15:05Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6232 https://bugzilla.redhat.com/show_bug.cgi?id=2309426 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://nvd.nist.gov/vuln/detail/CVE-2024-6232 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6232.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "i+WrWvb8ia7fSchciC2NIA==": { "id": "i+WrWvb8ia7fSchciC2NIA==", "updater": "rhel-vex", "name": "CVE-2023-22006", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22006 https://bugzilla.redhat.com/show_bug.cgi?id=2221626 https://www.cve.org/CVERecord?id=CVE-2023-22006 https://nvd.nist.gov/vuln/detail/CVE-2023-22006 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22006.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "i2VJiQc09WdLRrYlgROY4g==": { "id": "i2VJiQc09WdLRrYlgROY4g==", "updater": "rhel-vex", "name": "CVE-2023-27043", "description": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.", "issued": "2023-04-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27043 https://bugzilla.redhat.com/show_bug.cgi?id=2196183 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://nvd.nist.gov/vuln/detail/CVE-2023-27043 https://access.redhat.com/articles/7051467 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27043.json https://access.redhat.com/errata/RHSA-2024:0256", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.3", "arch_op": "pattern match" }, "i5aQNmtFwY4Id/H1OcQ2Cw==": { "id": "i5aQNmtFwY4Id/H1OcQ2Cw==", "updater": "rhel-vex", "name": "CVE-2023-38469", "description": "A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38469 https://bugzilla.redhat.com/show_bug.cgi?id=2191687 https://www.cve.org/CVERecord?id=CVE-2023-38469 https://nvd.nist.gov/vuln/detail/CVE-2023-38469 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38469.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "i9gRgWelYzL7dgZUCFlj5Q==": { "id": "i9gRgWelYzL7dgZUCFlj5Q==", "updater": "rhel-vex", "name": "CVE-2022-0530", "description": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a UTF-8 string to a local string that leads to a segmentation fault. This flaw allows an attacker to input a specially crafted zip file, leading to a crash.", "issued": "2022-01-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0530 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://www.cve.org/CVERecord?id=CVE-2022-0530 https://nvd.nist.gov/vuln/detail/CVE-2022-0530 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0530.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "unzip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iBlxrK2NH9SLDa3YW66J9w==": { "id": "iBlxrK2NH9SLDa3YW66J9w==", "updater": "rhel-vex", "name": "CVE-2023-22049", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22049 https://bugzilla.redhat.com/show_bug.cgi?id=2221647 https://www.cve.org/CVERecord?id=CVE-2023-22049 https://nvd.nist.gov/vuln/detail/CVE-2023-22049 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22049.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "iYkhHLb5QUhydGOHhj7OoA==": { "id": "iYkhHLb5QUhydGOHhj7OoA==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "icj6a8bc4dYK/DJNvkU0+A==": { "id": "icj6a8bc4dYK/DJNvkU0+A==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j1B9rh6x/Shr00583Fm/gg==": { "id": "j1B9rh6x/Shr00583Fm/gg==", "updater": "rhel-vex", "name": "CVE-2023-28484", "description": "A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28484 https://bugzilla.redhat.com/show_bug.cgi?id=2185994 https://www.cve.org/CVERecord?id=CVE-2023-28484 https://nvd.nist.gov/vuln/detail/CVE-2023-28484 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28484.json https://access.redhat.com/errata/RHSA-2023:4529", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-16.el8_8.1", "arch_op": "pattern match" }, "j8YmUSbHLORXj+i5Mtknvw==": { "id": "j8YmUSbHLORXj+i5Mtknvw==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "jERMA/+L5tOAwtIbJdCp4Q==": { "id": "jERMA/+L5tOAwtIbJdCp4Q==", "updater": "rhel-vex", "name": "CVE-2022-21628", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2022-10-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-21628 https://bugzilla.redhat.com/show_bug.cgi?id=2133769 https://www.cve.org/CVERecord?id=CVE-2022-21628 https://nvd.nist.gov/vuln/detail/CVE-2022-21628 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-21628.json https://access.redhat.com/errata/RHSA-2022:7000", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.5.0.8-2.el8_6", "arch_op": "pattern match" }, "jHXrqfXFS2613cOsnAbbPQ==": { "id": "jHXrqfXFS2613cOsnAbbPQ==", "updater": "rhel-vex", "name": "CVE-2022-1292", "description": "A flaw was found in OpenSSL. The `c_rehash` script does not properly sanitize shell meta-characters to prevent command injection. Some operating systems distribute this script in a manner where it is automatically executed. This flaw allows an attacker to execute arbitrary commands with the privileges of the script on these operating systems.", "issued": "2022-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-1292 https://bugzilla.redhat.com/show_bug.cgi?id=2081494 https://www.cve.org/CVERecord?id=CVE-2022-1292 https://nvd.nist.gov/vuln/detail/CVE-2022-1292 https://www.openssl.org/news/secadv/20220503.txt https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-1292.json https://access.redhat.com/errata/RHSA-2022:5818", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-7.el8_6", "arch_op": "pattern match" }, "jHi92E7/EboO54Bh8cBB2w==": { "id": "jHi92E7/EboO54Bh8cBB2w==", "updater": "rhel-vex", "name": "CVE-2022-40897", "description": "A flaw was found in Python Setuptools due to a regular expression Denial of Service (ReDoS) present in package_index.py. This issue could allow a remote attacker to cause a denial of service via HTML in a crafted package or custom PackageIndex page.", "issued": "2022-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40897 https://bugzilla.redhat.com/show_bug.cgi?id=2158559 https://www.cve.org/CVERecord?id=CVE-2022-40897 https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://pyup.io/vulnerabilities/CVE-2022-40897/52495/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40897.json https://access.redhat.com/errata/RHSA-2023:0835", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python-setuptools", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:39.2.0-6.el8_7.1", "arch_op": "pattern match" }, "jJZxGEs6W0UoNszCBT+BbA==": { "id": "jJZxGEs6W0UoNszCBT+BbA==", "updater": "rhel-vex", "name": "CVE-2023-27535", "description": "A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic settings are `CURLOPT_FTP_ACCOUNT`, `CURLOPT_FTP_ALTERNATIVE_TO_USER`, `CURLOPT_FTP_SSL_CCC` and `CURLOPT_USE_SSL` level.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27535 https://bugzilla.redhat.com/show_bug.cgi?id=2179073 https://www.cve.org/CVERecord?id=CVE-2023-27535 https://nvd.nist.gov/vuln/detail/CVE-2023-27535 https://curl.se/docs/CVE-2023-27535.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27535.json https://access.redhat.com/errata/RHSA-2023:3106", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.2", "arch_op": "pattern match" }, "jLAoZmKVOHrnt9mnufsmwA==": { "id": "jLAoZmKVOHrnt9mnufsmwA==", "updater": "rhel-vex", "name": "CVE-2023-22081", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2023-10-17T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22081 https://bugzilla.redhat.com/show_bug.cgi?id=2243627 https://www.cve.org/CVERecord?id=CVE-2023-22081 https://nvd.nist.gov/vuln/detail/CVE-2023-22081 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22081.json https://access.redhat.com/errata/RHSA-2023:5751", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.9.0.9-2.el8", "arch_op": "pattern match" }, "jguV9kU5iHC5V/cF3+b/tg==": { "id": "jguV9kU5iHC5V/cF3+b/tg==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jqhqk8o/+99KqV26DBZ2OQ==": { "id": "jqhqk8o/+99KqV26DBZ2OQ==", "updater": "rhel-vex", "name": "CVE-2023-1667", "description": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "issued": "2023-04-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1667 https://bugzilla.redhat.com/show_bug.cgi?id=2182199 https://www.cve.org/CVERecord?id=CVE-2023-1667 https://nvd.nist.gov/vuln/detail/CVE-2023-1667 http://www.libssh.org/security/advisories/CVE-2023-1667.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1667.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "jt0t59uqf5Ysdznl6XSAXA==": { "id": "jt0t59uqf5Ysdznl6XSAXA==", "updater": "rhel-vex", "name": "CVE-2023-27535", "description": "A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic settings are `CURLOPT_FTP_ACCOUNT`, `CURLOPT_FTP_ALTERNATIVE_TO_USER`, `CURLOPT_FTP_SSL_CCC` and `CURLOPT_USE_SSL` level.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27535 https://bugzilla.redhat.com/show_bug.cgi?id=2179073 https://www.cve.org/CVERecord?id=CVE-2023-27535 https://nvd.nist.gov/vuln/detail/CVE-2023-27535 https://curl.se/docs/CVE-2023-27535.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27535.json https://access.redhat.com/errata/RHSA-2023:3106", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.2", "arch_op": "pattern match" }, "k4h1ljDFG4vbtDcBj51PfQ==": { "id": "k4h1ljDFG4vbtDcBj51PfQ==", "updater": "rhel-vex", "name": "CVE-2022-42010", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message with specific invalid type signatures.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42010 https://bugzilla.redhat.com/show_bug.cgi?id=2133616 https://www.cve.org/CVERecord?id=CVE-2022-42010 https://nvd.nist.gov/vuln/detail/CVE-2022-42010 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42010.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "k6yDpahkU2/ZfGq/aUK2dw==": { "id": "k6yDpahkU2/ZfGq/aUK2dw==", "updater": "rhel-vex", "name": "CVE-2024-56171", "description": "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56171 https://bugzilla.redhat.com/show_bug.cgi?id=2346416 https://www.cve.org/CVERecord?id=CVE-2024-56171 https://nvd.nist.gov/vuln/detail/CVE-2024-56171 https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56171.json https://access.redhat.com/errata/RHSA-2025:2686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-19.el8_10", "arch_op": "pattern match" }, "kXU0r9dog4PIJG+D3RoOMg==": { "id": "kXU0r9dog4PIJG+D3RoOMg==", "updater": "rhel-vex", "name": "CVE-2022-3857", "description": "[REJECTED CVE] A issue has been identified with libpng in png_setup_paeth_row() function. A crafted PNG image from a n attacker can lead to a segmentation fault and Denial of service.", "issued": "2022-11-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3857 https://bugzilla.redhat.com/show_bug.cgi?id=2142600 https://www.cve.org/CVERecord?id=CVE-2022-3857 https://nvd.nist.gov/vuln/detail/CVE-2022-3857 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3857.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libpng", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kYYDrncBncmKkmFnSd5t3w==": { "id": "kYYDrncBncmKkmFnSd5t3w==", "updater": "rhel-vex", "name": "CVE-2017-6519", "description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", "issued": "2015-03-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2017-6519 https://bugzilla.redhat.com/show_bug.cgi?id=1426712 https://www.cve.org/CVERecord?id=CVE-2017-6519 https://nvd.nist.gov/vuln/detail/CVE-2017-6519 https://www.kb.cert.org/vuls/id/550620 https://security.access.redhat.com/data/csaf/v2/vex/2017/cve-2017-6519.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kc9wfQbgmYFKmu0N/WviEg==": { "id": "kc9wfQbgmYFKmu0N/WviEg==", "updater": "rhel-vex", "name": "CVE-2024-20919", "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service.", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20919 https://bugzilla.redhat.com/show_bug.cgi?id=2257853 https://www.cve.org/CVERecord?id=CVE-2024-20919 https://nvd.nist.gov/vuln/detail/CVE-2024-20919 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20919.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "kk1lCt4kV+DgvM5q8b7new==": { "id": "kk1lCt4kV+DgvM5q8b7new==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "kl+nHl+uiNLzyLIPmJZ+2A==": { "id": "kl+nHl+uiNLzyLIPmJZ+2A==", "updater": "rhel-vex", "name": "CVE-2023-29491", "description": "A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "issued": "2023-04-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29491 https://bugzilla.redhat.com/show_bug.cgi?id=2191704 https://www.cve.org/CVERecord?id=CVE-2023-29491 https://nvd.nist.gov/vuln/detail/CVE-2023-29491 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29491.json https://access.redhat.com/errata/RHSA-2023:5249", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "ncurses-base", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:6.1-9.20180224.el8_8.1", "arch_op": "pattern match" }, "krjhsgVS6cWh58tlL6ugfg==": { "id": "krjhsgVS6cWh58tlL6ugfg==", "updater": "rhel-vex", "name": "CVE-2023-5388", "description": "It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens before any padding operations, it affects all padding modes: PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operation are affected.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5388 https://bugzilla.redhat.com/show_bug.cgi?id=2243644 https://www.cve.org/CVERecord?id=CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5388.json https://access.redhat.com/errata/RHSA-2024:0105", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-4.el8_9", "arch_op": "pattern match" }, "l1/qopzsE7Edjkd1o4THEA==": { "id": "l1/qopzsE7Edjkd1o4THEA==", "updater": "rhel-vex", "name": "CVE-2024-21068", "description": "A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.\r\n\r\nNote: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2024-04-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21068 https://bugzilla.redhat.com/show_bug.cgi?id=2275003 https://www.cve.org/CVERecord?id=CVE-2024-21068 https://nvd.nist.gov/vuln/detail/CVE-2024-21068 https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21068.json https://access.redhat.com/errata/RHSA-2024:1825", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.11.0.9-2.el8", "arch_op": "pattern match" }, "lHXxq+uu8bqjCiNYJSLThw==": { "id": "lHXxq+uu8bqjCiNYJSLThw==", "updater": "rhel-vex", "name": "CVE-2022-34903", "description": "A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer() function in g10/cpr.c. This flaw allows a malicious actor to bypass access control.", "issued": "2022-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-34903 https://bugzilla.redhat.com/show_bug.cgi?id=2102868 https://www.cve.org/CVERecord?id=CVE-2022-34903 https://nvd.nist.gov/vuln/detail/CVE-2022-34903 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-34903.json https://access.redhat.com/errata/RHSA-2022:6463", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.20-3.el8_6", "arch_op": "pattern match" }, "lJBDe4u1RTOYApw/wCGRBw==": { "id": "lJBDe4u1RTOYApw/wCGRBw==", "updater": "rhel-vex", "name": "CVE-2024-6923", "description": "A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.", "issued": "2024-08-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6923 https://bugzilla.redhat.com/show_bug.cgi?id=2302255 https://www.cve.org/CVERecord?id=CVE-2024-6923 https://nvd.nist.gov/vuln/detail/CVE-2024-6923 https://github.com/python/cpython/issues/121650 https://github.com/python/cpython/pull/122233 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6923.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "lMO/fWY33YTgxeTQS9ahOQ==": { "id": "lMO/fWY33YTgxeTQS9ahOQ==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "lXomMj4ef+u4GYISqoXJSA==": { "id": "lXomMj4ef+u4GYISqoXJSA==", "updater": "rhel-vex", "name": "CVE-2022-27404", "description": "A heap buffer overflow flaw was found in Freetype’s sfnt_init_face() function in the sfobjs.c file. The vulnerability occurs when creating a face with a strange file and invalid index. This flaw allows an attacker to read a small amount of memory, causing the application to crash.", "issued": "2022-04-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27404 https://bugzilla.redhat.com/show_bug.cgi?id=2077989 https://www.cve.org/CVERecord?id=CVE-2022-27404 https://nvd.nist.gov/vuln/detail/CVE-2022-27404 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27404.json https://access.redhat.com/errata/RHSA-2022:7745", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "freetype", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.1-9.el8", "arch_op": "pattern match" }, "lbwTAHoHLyYT3AIO+M7x0A==": { "id": "lbwTAHoHLyYT3AIO+M7x0A==", "updater": "rhel-vex", "name": "CVE-2022-25314", "description": "An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service.", "issued": "2022-02-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-25314 https://bugzilla.redhat.com/show_bug.cgi?id=2056354 https://www.cve.org/CVERecord?id=CVE-2022-25314 https://nvd.nist.gov/vuln/detail/CVE-2022-25314 https://blog.hartwork.org/posts/expat-2-4-5-released/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-25314.json https://access.redhat.com/errata/RHSA-2022:5314", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-8.el8_6.2", "arch_op": "pattern match" }, "lkpy3aG6JVPgJ/H4gsHLxg==": { "id": "lkpy3aG6JVPgJ/H4gsHLxg==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "lt63SpZsP/G28WfMx2j4zg==": { "id": "lt63SpZsP/G28WfMx2j4zg==", "updater": "rhel-vex", "name": "CVE-2025-49796", "description": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.", "issued": "2025-06-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-49796 https://bugzilla.redhat.com/show_bug.cgi?id=2372385 https://www.cve.org/CVERecord?id=CVE-2025-49796 https://nvd.nist.gov/vuln/detail/CVE-2025-49796 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-49796.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lztZZhM8DKOpSD1UaKxSYA==": { "id": "lztZZhM8DKOpSD1UaKxSYA==", "updater": "rhel-vex", "name": "CVE-2023-5388", "description": "It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens before any padding operations, it affects all padding modes: PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operation are affected.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5388 https://bugzilla.redhat.com/show_bug.cgi?id=2243644 https://www.cve.org/CVERecord?id=CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5388.json https://access.redhat.com/errata/RHSA-2024:0105", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-util", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-4.el8_9", "arch_op": "pattern match" }, "m04qKG8oaclOoLS97g+q9g==": { "id": "m04qKG8oaclOoLS97g+q9g==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" }, "m1XLddmNhywlmwx0uiasAA==": { "id": "m1XLddmNhywlmwx0uiasAA==", "updater": "rhel-vex", "name": "CVE-2023-6597", "description": "A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6597 https://bugzilla.redhat.com/show_bug.cgi?id=2276518 https://www.cve.org/CVERecord?id=CVE-2023-6597 https://nvd.nist.gov/vuln/detail/CVE-2023-6597 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6597.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "m8ueKfgkaYIYTU+xtIQcwA==": { "id": "m8ueKfgkaYIYTU+xtIQcwA==", "updater": "rhel-vex", "name": "CVE-2022-3857", "description": "[REJECTED CVE] A issue has been identified with libpng in png_setup_paeth_row() function. A crafted PNG image from a n attacker can lead to a segmentation fault and Denial of service.", "issued": "2022-11-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3857 https://bugzilla.redhat.com/show_bug.cgi?id=2142600 https://www.cve.org/CVERecord?id=CVE-2022-3857 https://nvd.nist.gov/vuln/detail/CVE-2022-3857 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3857.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mRazAXjBcgFrTolNDZHDsA==": { "id": "mRazAXjBcgFrTolNDZHDsA==", "updater": "rhel-vex", "name": "CVE-2025-6069", "description": "A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.", "issued": "2025-06-17T13:39:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6069 https://bugzilla.redhat.com/show_bug.cgi?id=2373234 https://www.cve.org/CVERecord?id=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/pull/135464 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6069.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mTRhXv2RRRE1V99LYYJaQQ==": { "id": "mTRhXv2RRRE1V99LYYJaQQ==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "mdqYN2l1XmMgVsj/nxOlTg==": { "id": "mdqYN2l1XmMgVsj/nxOlTg==", "updater": "rhel-vex", "name": "CVE-2025-0395", "description": "A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the `assert()` function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading to an application crash or other undefined behavior.", "issued": "2025-01-22T13:11:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-0395 https://bugzilla.redhat.com/show_bug.cgi?id=2339460 https://www.cve.org/CVERecord?id=CVE-2025-0395 https://nvd.nist.gov/vuln/detail/CVE-2025-0395 https://sourceware.org/bugzilla/show_bug.cgi?id=32582 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-0395.json https://access.redhat.com/errata/RHSA-2025:3828", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.16", "arch_op": "pattern match" }, "mzH5InrtX2D7A+1HPD0Ipg==": { "id": "mzH5InrtX2D7A+1HPD0Ipg==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "n+B8KykobCXAQ94pMr3HEQ==": { "id": "n+B8KykobCXAQ94pMr3HEQ==", "updater": "rhel-vex", "name": "CVE-2022-48564", "description": "A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48564 https://bugzilla.redhat.com/show_bug.cgi?id=2249750 https://www.cve.org/CVERecord?id=CVE-2022-48564 https://nvd.nist.gov/vuln/detail/CVE-2022-48564 https://bugs.python.org/issue42103 https://github.com/python/cpython/issues/86269 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48564.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "n57uH3fsX2arO0SuWUsJhg==": { "id": "n57uH3fsX2arO0SuWUsJhg==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "n62NQEoNh2KDuo0RjqDKag==": { "id": "n62NQEoNh2KDuo0RjqDKag==", "updater": "rhel-vex", "name": "CVE-2023-6597", "description": "A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6597 https://bugzilla.redhat.com/show_bug.cgi?id=2276518 https://www.cve.org/CVERecord?id=CVE-2023-6597 https://nvd.nist.gov/vuln/detail/CVE-2023-6597 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6597.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "n7pgOvbE5kcvTytZ+btYxA==": { "id": "n7pgOvbE5kcvTytZ+btYxA==", "updater": "rhel-vex", "name": "CVE-2022-34169", "description": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "issued": "2022-07-19T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-34169 https://bugzilla.redhat.com/show_bug.cgi?id=2108554 https://www.cve.org/CVERecord?id=CVE-2022-34169 https://nvd.nist.gov/vuln/detail/CVE-2022-34169 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-34169.json https://access.redhat.com/errata/RHSA-2022:5726", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.4.0.8-2.el8_6", "arch_op": "pattern match" }, "n83jaRl/T6kiaoMyWtX8xw==": { "id": "n83jaRl/T6kiaoMyWtX8xw==", "updater": "rhel-vex", "name": "CVE-2021-24032", "description": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).", "issued": "2021-02-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-24032 https://bugzilla.redhat.com/show_bug.cgi?id=1928090 https://www.cve.org/CVERecord?id=CVE-2021-24032 https://nvd.nist.gov/vuln/detail/CVE-2021-24032 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-24032.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "n9TO3YkOGkrwZ3JXQbe6GQ==": { "id": "n9TO3YkOGkrwZ3JXQbe6GQ==", "updater": "rhel-vex", "name": "CVE-2023-40217", "description": "Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible.", "issued": "2023-08-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-40217 https://bugzilla.redhat.com/show_bug.cgi?id=2235789 https://www.cve.org/CVERecord?id=CVE-2023-40217 https://nvd.nist.gov/vuln/detail/CVE-2023-40217 https://github.com/python/cpython/issues/108310 https://github.com/python/cpython/pull/108315 https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-40217.json https://access.redhat.com/errata/RHSA-2023:5997", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.2", "arch_op": "pattern match" }, "nNkfCouC7eKdpQ16WKRlmw==": { "id": "nNkfCouC7eKdpQ16WKRlmw==", "updater": "rhel-vex", "name": "CVE-2020-35527", "description": "An out-of-bounds read vulnerability was found in SQLite. This security flaw occurs when the ALTER TABLE for views has a nested FROM clause. This flaw allows an attacker to triage an out-of-bounds read and access confidential data successfully.", "issued": "2020-02-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35527 https://bugzilla.redhat.com/show_bug.cgi?id=2122329 https://www.cve.org/CVERecord?id=CVE-2020-35527 https://nvd.nist.gov/vuln/detail/CVE-2020-35527 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35527.json https://access.redhat.com/errata/RHSA-2022:7108", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-16.el8_6", "arch_op": "pattern match" }, "nXdrTPYJyewaIZB9ybDqoQ==": { "id": "nXdrTPYJyewaIZB9ybDqoQ==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "nqU9dNTDJgnF1kHabSdMNw==": { "id": "nqU9dNTDJgnF1kHabSdMNw==", "updater": "rhel-vex", "name": "CVE-2022-42010", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message with specific invalid type signatures.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42010 https://bugzilla.redhat.com/show_bug.cgi?id=2133616 https://www.cve.org/CVERecord?id=CVE-2022-42010 https://nvd.nist.gov/vuln/detail/CVE-2022-42010 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42010.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "nxs3JIcLL2Mv7o8/51F1dw==": { "id": "nxs3JIcLL2Mv7o8/51F1dw==", "updater": "rhel-vex", "name": "CVE-2023-52425", "description": "A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to re-parse the token from start numerous times. This process may trigger excessive resource consumption, leading to a denial of service.", "issued": "2024-02-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://www.cve.org/CVERecord?id=CVE-2023-52425 https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-52425.json https://access.redhat.com/errata/RHSA-2024:1615", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-11.el8_9.1", "arch_op": "pattern match" }, "o9iOw4os3AQQsV1P6JYQ/g==": { "id": "o9iOw4os3AQQsV1P6JYQ/g==", "updater": "rhel-vex", "name": "CVE-2023-4911", "description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "issued": "2023-10-03T17:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4911 https://bugzilla.redhat.com/show_bug.cgi?id=2238352 https://www.cve.org/CVERecord?id=CVE-2023-4911 https://nvd.nist.gov/vuln/detail/CVE-2023-4911 https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt https://www.qualys.com/cve-2023-4911/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4911.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "oH9GUrUZwnTD/B7HZXwX7A==": { "id": "oH9GUrUZwnTD/B7HZXwX7A==", "updater": "rhel-vex", "name": "CVE-2022-40674", "description": "A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, this will return without calling storeRawNames to ensure that the raw versions of the tag names are stored in memory other than the parse buffer itself. Issues occur if the parse buffer is changed or reallocated (for example, if processing a file line by line), problems occur. Using this vulnerability in the doContent function allows an attacker to triage a denial of service or potentially arbitrary code execution.", "issued": "2022-09-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-40674 https://bugzilla.redhat.com/show_bug.cgi?id=2130769 https://www.cve.org/CVERecord?id=CVE-2022-40674 https://nvd.nist.gov/vuln/detail/CVE-2022-40674 https://blog.hartwork.org/posts/expat-2-4-9-released/ https://github.com/advisories/GHSA-2vq2-xc55-3j5m https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-40674.json https://access.redhat.com/errata/RHSA-2022:6878", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-8.el8_6.3", "arch_op": "pattern match" }, "oJevmh6JId18tKfcAvK//Q==": { "id": "oJevmh6JId18tKfcAvK//Q==", "updater": "rhel-vex", "name": "CVE-2023-38470", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38470 https://bugzilla.redhat.com/show_bug.cgi?id=2191690 https://www.cve.org/CVERecord?id=CVE-2023-38470 https://nvd.nist.gov/vuln/detail/CVE-2023-38470 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38470.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "oP30Ow5/EeXOCXP35T9fnw==": { "id": "oP30Ow5/EeXOCXP35T9fnw==", "updater": "rhel-vex", "name": "CVE-2023-2283", "description": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.", "issued": "2023-05-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2283 https://bugzilla.redhat.com/show_bug.cgi?id=2189736 https://www.cve.org/CVERecord?id=CVE-2023-2283 https://nvd.nist.gov/vuln/detail/CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2283.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "oZ2HBP+W/SPEpO39t0rk9Q==": { "id": "oZ2HBP+W/SPEpO39t0rk9Q==", "updater": "rhel-vex", "name": "CVE-2022-35252", "description": "A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), and also when cookies that contain such control codes are later sent back to an HTTP(S) server, possibly causing the server to return a 400 response. This issue effectively allows a \"sister site\" to deny service to siblings and cause a denial of service attack.", "issued": "2022-08-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-35252 https://bugzilla.redhat.com/show_bug.cgi?id=2120718 https://www.cve.org/CVERecord?id=CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-35252.json https://access.redhat.com/errata/RHSA-2023:2963", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8", "arch_op": "pattern match" }, "oi+xJA0boxRY5yWPOBsJFw==": { "id": "oi+xJA0boxRY5yWPOBsJFw==", "updater": "rhel-vex", "name": "CVE-2022-36227", "description": "A flaw was found in libarchive. A missing check of the return value of the calloc function can cause a NULL pointer dereference in an out-of-memory condition or when a memory allocation limit is reached, resulting in the program linked with libarchive to crash.", "issued": "2022-07-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-36227 https://bugzilla.redhat.com/show_bug.cgi?id=2144972 https://www.cve.org/CVERecord?id=CVE-2022-36227 https://nvd.nist.gov/vuln/detail/CVE-2022-36227 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-36227.json https://access.redhat.com/errata/RHSA-2023:3018", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.3.3-5.el8", "arch_op": "pattern match" }, "ojs9EKTQUre0tExhDXVQIQ==": { "id": "ojs9EKTQUre0tExhDXVQIQ==", "updater": "rhel-vex", "name": "CVE-2023-21937", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21937 https://bugzilla.redhat.com/show_bug.cgi?id=2187790 https://www.cve.org/CVERecord?id=CVE-2023-21937 https://nvd.nist.gov/vuln/detail/CVE-2023-21937 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21937.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "ouSt6xtRrHEbNlGnYNC0Uw==": { "id": "ouSt6xtRrHEbNlGnYNC0Uw==", "updater": "rhel-vex", "name": "CVE-2025-32414", "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access via incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw, due to a mismatch between bytes and characters.", "issued": "2025-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-32414 https://bugzilla.redhat.com/show_bug.cgi?id=2358121 https://www.cve.org/CVERecord?id=CVE-2025-32414 https://nvd.nist.gov/vuln/detail/CVE-2025-32414 https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-32414.json https://access.redhat.com/errata/RHSA-2025:8958", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-20.el8_10", "arch_op": "pattern match" }, "ow8EEGUia8t2W6ehFm2Q1g==": { "id": "ow8EEGUia8t2W6ehFm2Q1g==", "updater": "rhel-vex", "name": "CVE-2023-0767", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0767 https://bugzilla.redhat.com/show_bug.cgi?id=2170377 https://www.cve.org/CVERecord?id=CVE-2023-0767 https://nvd.nist.gov/vuln/detail/CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0767.json https://access.redhat.com/errata/RHSA-2023:1252", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nss", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.79.0-11.el8_7", "arch_op": "pattern match" }, "oyfakLKwkgiQvoEuhk9VTA==": { "id": "oyfakLKwkgiQvoEuhk9VTA==", "updater": "rhel-vex", "name": "CVE-2021-46848", "description": "An out-of-bounds read flaw was found in Libtasn1 due to an ETYPE_OK off-by-one error in the asn1_encode_simple_der() function. This flaw allows a remote attacker to pass specially crafted data or invalid values to the application, triggering an off-by-one error, corrupting the memory, and possibly performing a denial of service (DoS) attack.", "issued": "2022-10-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-46848 https://bugzilla.redhat.com/show_bug.cgi?id=2140058 https://www.cve.org/CVERecord?id=CVE-2021-46848 https://nvd.nist.gov/vuln/detail/CVE-2021-46848 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-46848.json https://access.redhat.com/errata/RHSA-2023:0116", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.13-4.el8_7", "arch_op": "pattern match" }, "ozOABrlbDimrNXKHKTm4PQ==": { "id": "ozOABrlbDimrNXKHKTm4PQ==", "updater": "rhel-vex", "name": "CVE-2025-4517", "description": "A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to \"data\" or \"tar\".", "issued": "2025-06-03T12:58:50Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4517 https://bugzilla.redhat.com/show_bug.cgi?id=2370016 https://www.cve.org/CVERecord?id=CVE-2025-4517 https://nvd.nist.gov/vuln/detail/CVE-2025-4517 https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a https://github.com/python/cpython/issues/135034 https://github.com/python/cpython/pull/135037 https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4517.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "p+MFXsGF7YbCXGsNdOy5gg==": { "id": "p+MFXsGF7YbCXGsNdOy5gg==", "updater": "rhel-vex", "name": "CVE-2023-7104", "description": "A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur.", "issued": "2023-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-7104 https://bugzilla.redhat.com/show_bug.cgi?id=2256194 https://www.cve.org/CVERecord?id=CVE-2023-7104 https://nvd.nist.gov/vuln/detail/CVE-2023-7104 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-7104.json https://access.redhat.com/errata/RHSA-2024:0253", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-19.el8_9", "arch_op": "pattern match" }, "p2gxShXxoUHwRgR2ANJ+CQ==": { "id": "p2gxShXxoUHwRgR2ANJ+CQ==", "updater": "rhel-vex", "name": "CVE-2023-48161", "description": "A security flaw related to buffer overflow has been identified in GifLib. This flaw allows a nearby attacker to access sensitive information through the DumpSCreen2RGB function in gif2rgb.c.", "issued": "2023-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48161 https://bugzilla.redhat.com/show_bug.cgi?id=2251025 https://www.cve.org/CVERecord?id=CVE-2023-48161 https://nvd.nist.gov/vuln/detail/CVE-2023-48161 https://github.com/tacetool/TACE#cve-2023-48161 https://sourceforge.net/p/giflib/bugs/167/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48161.json https://access.redhat.com/errata/RHSA-2024:8124", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.13.0.11-3.el8", "arch_op": "pattern match" }, "p3B5sSxUcI3sJIaO9T4OXA==": { "id": "p3B5sSxUcI3sJIaO9T4OXA==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "p6VWIonYblKaG3Rwgi8WZg==": { "id": "p6VWIonYblKaG3Rwgi8WZg==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "pA/gdUqtBf9C33OwLzVwUA==": { "id": "pA/gdUqtBf9C33OwLzVwUA==", "updater": "rhel-vex", "name": "CVE-2023-3446", "description": "A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service.", "issued": "2023-07-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-3446 https://bugzilla.redhat.com/show_bug.cgi?id=2224962 https://www.cve.org/CVERecord?id=CVE-2023-3446 https://nvd.nist.gov/vuln/detail/CVE-2023-3446 https://www.openssl.org/news/secadv/20230719.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-3446.json https://access.redhat.com/errata/RHSA-2023:7877", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-12.el8_9", "arch_op": "pattern match" }, "pTZOjhousl549buzLryOCA==": { "id": "pTZOjhousl549buzLryOCA==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "pZcxvsmHDYPkwMOvqmwKtg==": { "id": "pZcxvsmHDYPkwMOvqmwKtg==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "pfL9lFH8EnDQ1pcBADCdlw==": { "id": "pfL9lFH8EnDQ1pcBADCdlw==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json https://access.redhat.com/errata/RHSA-2022:6457", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-47.el8_6", "arch_op": "pattern match" }, "phTW1jd+Vdu7XERPdgoqUg==": { "id": "phTW1jd+Vdu7XERPdgoqUg==", "updater": "rhel-vex", "name": "CVE-2023-22025", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-09-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22025 https://bugzilla.redhat.com/show_bug.cgi?id=2243805 https://www.cve.org/CVERecord?id=CVE-2023-22025 https://nvd.nist.gov/vuln/detail/CVE-2023-22025 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22025.json https://access.redhat.com/errata/RHSA-2023:5751", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.9.0.9-2.el8", "arch_op": "pattern match" }, "pjb5LKdJAfqIzj4N6YBwUQ==": { "id": "pjb5LKdJAfqIzj4N6YBwUQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pnUVH8OADSjjKoMer3rokQ==": { "id": "pnUVH8OADSjjKoMer3rokQ==", "updater": "rhel-vex", "name": "CVE-2022-27774", "description": "A vulnerability was found in curl. This security flaw allows leaking credentials to other servers when it follows redirects from auth-protected HTTP(S) URLs to other protocols and port numbers.", "issued": "2022-04-27T06:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27774 https://bugzilla.redhat.com/show_bug.cgi?id=2077547 https://www.cve.org/CVERecord?id=CVE-2022-27774 https://nvd.nist.gov/vuln/detail/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27774.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "psa6YFVRa1f9Bbg0ykPQdw==": { "id": "psa6YFVRa1f9Bbg0ykPQdw==", "updater": "rhel-vex", "name": "CVE-2020-13790", "description": "libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.", "issued": "2020-05-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-13790 https://bugzilla.redhat.com/show_bug.cgi?id=1847155 https://www.cve.org/CVERecord?id=CVE-2020-13790 https://nvd.nist.gov/vuln/detail/CVE-2020-13790 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-13790.json https://access.redhat.com/errata/RHSA-2025:7540", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libjpeg-turbo", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:1.5.3-14.el8_10", "arch_op": "pattern match" }, "pzCRDrenevX3EAToXcPQ0Q==": { "id": "pzCRDrenevX3EAToXcPQ0Q==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "q1zmuMA/fP0Sm4aw9tougg==": { "id": "q1zmuMA/fP0Sm4aw9tougg==", "updater": "rhel-vex", "name": "CVE-2024-12088", "description": "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.", "issued": "2025-01-14T15:06:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12088 https://bugzilla.redhat.com/show_bug.cgi?id=2330676 https://www.cve.org/CVERecord?id=CVE-2024-12088 https://nvd.nist.gov/vuln/detail/CVE-2024-12088 https://kb.cert.org/vuls/id/952657 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12088.json https://access.redhat.com/errata/RHSA-2025:2600", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-21.el8_10", "arch_op": "pattern match" }, "q8IV0OaGJOcT9aOsTlo4ZA==": { "id": "q8IV0OaGJOcT9aOsTlo4ZA==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "qFcfrE95F4Rd6nEojcwIgg==": { "id": "qFcfrE95F4Rd6nEojcwIgg==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "qXNASosSuCsudML1MqXPjw==": { "id": "qXNASosSuCsudML1MqXPjw==", "updater": "rhel-vex", "name": "CVE-2023-27534", "description": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27534 https://bugzilla.redhat.com/show_bug.cgi?id=2179069 https://www.cve.org/CVERecord?id=CVE-2023-27534 https://nvd.nist.gov/vuln/detail/CVE-2023-27534 https://curl.se/docs/CVE-2023-27534.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27534.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qefz9HpCEPJ3lvjIha2k3Q==": { "id": "qefz9HpCEPJ3lvjIha2k3Q==", "updater": "rhel-vex", "name": "CVE-2021-39537", "description": "A heap overflow vulnerability has been found in the ncurses package, particularly in the \"tic\". This flaw results from a lack of proper bounds checking during input processing. By exploiting this boundary error, an attacker can create a malicious file, deceive the victim into opening it using the affected software, and initiate an out-of-bounds write, potentially impacting system availability.", "issued": "2020-08-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-39537 https://bugzilla.redhat.com/show_bug.cgi?id=2006978 https://www.cve.org/CVERecord?id=CVE-2021-39537 https://nvd.nist.gov/vuln/detail/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-39537.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qiLMPDa5d6eufHsmVcJ13A==": { "id": "qiLMPDa5d6eufHsmVcJ13A==", "updater": "rhel-vex", "name": "CVE-2023-38469", "description": "A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38469 https://bugzilla.redhat.com/show_bug.cgi?id=2191687 https://www.cve.org/CVERecord?id=CVE-2023-38469 https://nvd.nist.gov/vuln/detail/CVE-2023-38469 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38469.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "qiUAkotn50Bq59ppZ/rSvg==": { "id": "qiUAkotn50Bq59ppZ/rSvg==", "updater": "rhel-vex", "name": "CVE-2024-21140", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).", "issued": "2024-07-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21140 https://bugzilla.redhat.com/show_bug.cgi?id=2297963 https://www.cve.org/CVERecord?id=CVE-2024-21140 https://nvd.nist.gov/vuln/detail/CVE-2024-21140 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21140.json https://access.redhat.com/errata/RHSA-2024:4568", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.12.0.7-2.el8", "arch_op": "pattern match" }, "qmXzoDBk0VHG0o+XlDk32Q==": { "id": "qmXzoDBk0VHG0o+XlDk32Q==", "updater": "rhel-vex", "name": "CVE-2024-0450", "description": "A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0450 https://bugzilla.redhat.com/show_bug.cgi?id=2276525 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://nvd.nist.gov/vuln/detail/CVE-2024-0450 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0450.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "qsYFMtlQAD9SM+IctGJ47A==": { "id": "qsYFMtlQAD9SM+IctGJ47A==", "updater": "rhel-vex", "name": "CVE-2022-27774", "description": "A vulnerability was found in curl. This security flaw allows leaking credentials to other servers when it follows redirects from auth-protected HTTP(S) URLs to other protocols and port numbers.", "issued": "2022-04-27T06:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27774 https://bugzilla.redhat.com/show_bug.cgi?id=2077547 https://www.cve.org/CVERecord?id=CVE-2022-27774 https://nvd.nist.gov/vuln/detail/CVE-2022-27774 https://curl.se/docs/CVE-2022-27774.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27774.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "r2Fnd4reKywK0gvDJTqRDA==": { "id": "r2Fnd4reKywK0gvDJTqRDA==", "updater": "rhel-vex", "name": "CVE-2024-21011", "description": "A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.\r\n\r\nNote: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2024-04-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21011 https://bugzilla.redhat.com/show_bug.cgi?id=2274977 https://www.cve.org/CVERecord?id=CVE-2024-21011 https://nvd.nist.gov/vuln/detail/CVE-2024-21011 https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21011.json https://access.redhat.com/errata/RHSA-2024:1825", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.11.0.9-2.el8", "arch_op": "pattern match" }, "r4EeKQ1+HUg4G/JeyALXtw==": { "id": "r4EeKQ1+HUg4G/JeyALXtw==", "updater": "rhel-vex", "name": "CVE-2022-3515", "description": "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", "issued": "2022-10-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3515 https://bugzilla.redhat.com/show_bug.cgi?id=2135610 https://www.cve.org/CVERecord?id=CVE-2022-3515 https://nvd.nist.gov/vuln/detail/CVE-2022-3515 https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3515.json https://access.redhat.com/errata/RHSA-2022:7089", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libksba", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.3.5-8.el8_6", "arch_op": "pattern match" }, "rEg00U8+//igCt+0+QBUhA==": { "id": "rEg00U8+//igCt+0+QBUhA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rIqJL7bel29V0hJFbPUZ9w==": { "id": "rIqJL7bel29V0hJFbPUZ9w==", "updater": "rhel-vex", "name": "CVE-2023-0361", "description": "A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "issued": "2023-02-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0361 https://bugzilla.redhat.com/show_bug.cgi?id=2162596 https://www.cve.org/CVERecord?id=CVE-2023-0361 https://nvd.nist.gov/vuln/detail/CVE-2023-0361 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0361.json https://access.redhat.com/errata/RHSA-2023:1569", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-6.el8_7", "arch_op": "pattern match" }, "rQWkLJMiGYoTQoc430zUmQ==": { "id": "rQWkLJMiGYoTQoc430zUmQ==", "updater": "rhel-vex", "name": "CVE-2024-9287", "description": "A vulnerability has been found in the Python `venv` module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts, for example, \"source venv/bin/activate\". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated.", "issued": "2024-10-22T16:34:39Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9287 https://bugzilla.redhat.com/show_bug.cgi?id=2321440 https://www.cve.org/CVERecord?id=CVE-2024-9287 https://nvd.nist.gov/vuln/detail/CVE-2024-9287 https://github.com/python/cpython/issues/124651 https://github.com/python/cpython/pull/124712 https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9287.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "rTYZAVwsyQs0wlBQwNVCvw==": { "id": "rTYZAVwsyQs0wlBQwNVCvw==", "updater": "rhel-vex", "name": "CVE-2023-36191", "description": "A segmentation fault was discovered in SQLite. This issue exists due to a boundary error within the /sqlite3_aflpp/shell.c which could allow a local user to send a specially crafted request to the database to trigger memory corruption and perform a denial of service (DoS) attack.", "issued": "2023-06-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-36191 https://bugzilla.redhat.com/show_bug.cgi?id=2216936 https://www.cve.org/CVERecord?id=CVE-2023-36191 https://nvd.nist.gov/vuln/detail/CVE-2023-36191 https://www.sqlite.org/forum/forumpost/19f55ef73b https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-36191.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rVgBV65FWtFg3jitEqotFA==": { "id": "rVgBV65FWtFg3jitEqotFA==", "updater": "rhel-vex", "name": "CVE-2024-0727", "description": "A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the \"type\" is a valid value, which can lead to a null dereference error that may cause a denial of service.", "issued": "2024-01-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/show_bug.cgi?id=2259944 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://github.com/openssl/openssl/pull/23362 https://www.openssl.org/news/secadv/20240125.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0727.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rhOFh4qnddtkLBAFz7YOLQ==": { "id": "rhOFh4qnddtkLBAFz7YOLQ==", "updater": "rhel-vex", "name": "CVE-2024-8176", "description": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.", "issued": "2025-03-13T13:51:54Z", "links": "https://access.redhat.com/security/cve/CVE-2024-8176 https://bugzilla.redhat.com/show_bug.cgi?id=2310137 https://www.cve.org/CVERecord?id=CVE-2024-8176 https://nvd.nist.gov/vuln/detail/CVE-2024-8176 https://github.com/libexpat/libexpat/issues/893 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-8176.json https://access.redhat.com/errata/RHSA-2025:3913", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.2.5-17.el8_10", "arch_op": "pattern match" }, "rkTtYvrd12uyxklXyGzF1A==": { "id": "rkTtYvrd12uyxklXyGzF1A==", "updater": "rhel-vex", "name": "CVE-2023-1667", "description": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "issued": "2023-04-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1667 https://bugzilla.redhat.com/show_bug.cgi?id=2182199 https://www.cve.org/CVERecord?id=CVE-2023-1667 https://nvd.nist.gov/vuln/detail/CVE-2023-1667 http://www.libssh.org/security/advisories/CVE-2023-1667.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1667.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "rlIHPdC3n0HQJVXto2MqUA==": { "id": "rlIHPdC3n0HQJVXto2MqUA==", "updater": "rhel-vex", "name": "CVE-2021-35937", "description": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35937 https://bugzilla.redhat.com/show_bug.cgi?id=1964125 https://www.cve.org/CVERecord?id=CVE-2021-35937 https://nvd.nist.gov/vuln/detail/CVE-2021-35937 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35937.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "rqTdCy5ddJKSpbo9WfySBw==": { "id": "rqTdCy5ddJKSpbo9WfySBw==", "updater": "rhel-vex", "name": "CVE-2022-2509", "description": "A vulnerability was found in gnutls. This issue is due to a double-free error that occurs during the verification of pkcs7 signatures in the gnutls_pkcs7_verify function.", "issued": "2022-07-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2509 https://bugzilla.redhat.com/show_bug.cgi?id=2108977 https://www.cve.org/CVERecord?id=CVE-2022-2509 https://nvd.nist.gov/vuln/detail/CVE-2022-2509 https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07 https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2509.json https://access.redhat.com/errata/RHSA-2022:7105", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-5.el8_6", "arch_op": "pattern match" }, "rstjr9tgTpXg6LEasctgFg==": { "id": "rstjr9tgTpXg6LEasctgFg==", "updater": "rhel-vex", "name": "CVE-2023-4813", "description": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "issued": "2022-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4813 https://bugzilla.redhat.com/show_bug.cgi?id=2237798 https://www.cve.org/CVERecord?id=CVE-2023-4813 https://nvd.nist.gov/vuln/detail/CVE-2023-4813 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4813.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "rv7NKQvuSB9aCiT0itP3Wg==": { "id": "rv7NKQvuSB9aCiT0itP3Wg==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "sBJURZ2fj6Mnwd/nrY5DEg==": { "id": "sBJURZ2fj6Mnwd/nrY5DEg==", "updater": "rhel-vex", "name": "CVE-2024-21217", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2024-10-15T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21217 https://bugzilla.redhat.com/show_bug.cgi?id=2318530 https://www.cve.org/CVERecord?id=CVE-2024-21217 https://nvd.nist.gov/vuln/detail/CVE-2024-21217 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21217.json https://access.redhat.com/errata/RHSA-2024:8124", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.13.0.11-3.el8", "arch_op": "pattern match" }, "sJ/+AGrenHKChVgEt+/oCg==": { "id": "sJ/+AGrenHKChVgEt+/oCg==", "updater": "rhel-vex", "name": "CVE-2016-9840", "description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "issued": "2016-09-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2016-9840 https://bugzilla.redhat.com/show_bug.cgi?id=1402345 https://www.cve.org/CVERecord?id=CVE-2016-9840 https://nvd.nist.gov/vuln/detail/CVE-2016-9840 https://docs.google.com/document/d/10i1KZS5so8xDqH2rplRa2xet0tyTvvJlLbQQmZIUIKE/edit#heading=h.t13tvnx4loq7 https://wiki.mozilla.org/images/0/09/Zlib-report.pdf https://security.access.redhat.com/data/csaf/v2/vex/2016/cve-2016-9840.json https://access.redhat.com/errata/RHSA-2025:8395", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-23.el8_10", "arch_op": "pattern match" }, "sKvmLJjqOdEEFy6WYjsmNQ==": { "id": "sKvmLJjqOdEEFy6WYjsmNQ==", "updater": "rhel-vex", "name": "CVE-2024-33601", "description": "A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33601 https://bugzilla.redhat.com/show_bug.cgi?id=2277205 https://www.cve.org/CVERecord?id=CVE-2024-33601 https://nvd.nist.gov/vuln/detail/CVE-2024-33601 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33601.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "slNt5MUPoZUlUUPr/YisNg==": { "id": "slNt5MUPoZUlUUPr/YisNg==", "updater": "rhel-vex", "name": "CVE-2023-4806", "description": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/show_bug.cgi?id=2237782 https://www.cve.org/CVERecord?id=CVE-2023-4806 https://nvd.nist.gov/vuln/detail/CVE-2023-4806 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4806.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "syQN6IkMqEQ4cR81UqeD/Q==": { "id": "syQN6IkMqEQ4cR81UqeD/Q==", "updater": "rhel-vex", "name": "CVE-2024-47175", "description": "A security issue was found in OpenPrinting CUPS.\n\nThe function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description (PPD) file based on attributes retrieved from an Internet Printing Protocol (IPP) response. Essentially, it takes printer information, usually obtained via IPP, and creates a corresponding PPD file that describes the printer's capabilities (such as supported media sizes, resolutions, color modes, etc.).\n\nPPD files are used by printing systems like CUPS (Common Unix Printing System) to communicate with and configure printers. They provide a standardized format that allows different printers to work with the printing system in a consistent way.\n\nThe ppdCreatePPDFromIPP2 function in libppd doesn't properly check or clean IPP attributes before writing them to a temporary PPD file. This means that a remote attacker, who has control of or has hijacked an exposed printer (through UPD or mDNS), could send a harmful IPP attribute and potentially insert malicious commands into the PPD file.", "issued": "2024-09-26T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-47175 https://bugzilla.redhat.com/show_bug.cgi?id=2314256 https://access.redhat.com/security/vulnerabilities/RHSB-2024-002 https://www.cve.org/CVERecord?id=CVE-2024-47175 https://nvd.nist.gov/vuln/detail/CVE-2024-47175 https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6 https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47175.json https://access.redhat.com/errata/RHSA-2025:0083", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-62.el8_10", "arch_op": "pattern match" }, "t+FG7sGtFQWvNo6i1WzJzQ==": { "id": "t+FG7sGtFQWvNo6i1WzJzQ==", "updater": "rhel-vex", "name": "CVE-2022-37434", "description": "A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader.", "issued": "2022-08-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-37434 https://bugzilla.redhat.com/show_bug.cgi?id=2116639 https://www.cve.org/CVERecord?id=CVE-2022-37434 https://nvd.nist.gov/vuln/detail/CVE-2022-37434 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-37434.json https://access.redhat.com/errata/RHSA-2022:7793", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-19.el8", "arch_op": "pattern match" }, "t+GPN31gTFWovU+9KQM3nA==": { "id": "t+GPN31gTFWovU+9KQM3nA==", "updater": "rhel-vex", "name": "CVE-2023-27536", "description": "A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, the GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting krb5/kerberos/negotiate/GSSAPI transfers.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27536 https://bugzilla.redhat.com/show_bug.cgi?id=2179092 https://www.cve.org/CVERecord?id=CVE-2023-27536 https://nvd.nist.gov/vuln/detail/CVE-2023-27536 https://curl.se/docs/CVE-2023-27536.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27536.json https://access.redhat.com/errata/RHSA-2023:4523", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8_8.3", "arch_op": "pattern match" }, "t/5P2v7l5Us6uU/TayuL5g==": { "id": "t/5P2v7l5Us6uU/TayuL5g==", "updater": "rhel-container-updater", "name": "RHBA-2023:0030", "description": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).", "issued": "2023-01-04T00:00:00Z", "links": "https://access.redhat.com/errata/RHBA-2023:0030 https://access.redhat.com/security/cve/CVE-2022-1471", "severity": "Important", "normalized_severity": "High", "package": { "id": "", "name": "ubi8/openjdk-17-runtime", "version": "", "kind": "binary", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "Red Hat Container Catalog", "uri": "https://catalog.redhat.com/software/containers/explore", "cpe": "" }, "fixed_in_version": "1.14-8" }, "t4oe6DBPNf5Ikk93RfTdig==": { "id": "t4oe6DBPNf5Ikk93RfTdig==", "updater": "rhel-vex", "name": "CVE-2019-12904", "description": "[Disputed] A vulnerability has been identified in Libgcrypt due to a flaw in its C implementation of AES. This vulnerability enables a remote attacker to perform a flush-and-reload side-channel attack, potentially accessing sensitive information. The vulnerability arises from the availability of physical addresses to other processes, particularly on platforms lacking an assembly-language implementation.", "issued": "2019-07-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12904 https://bugzilla.redhat.com/show_bug.cgi?id=1730320 https://www.cve.org/CVERecord?id=CVE-2019-12904 https://nvd.nist.gov/vuln/detail/CVE-2019-12904 https://dev.gnupg.org/T4541 https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12904.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t4ytVDYYObtk+u0551GNTA==": { "id": "t4ytVDYYObtk+u0551GNTA==", "updater": "rhel-vex", "name": "CVE-2024-52533", "description": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.", "issued": "2024-11-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52533 https://bugzilla.redhat.com/show_bug.cgi?id=2325340 https://www.cve.org/CVERecord?id=CVE-2024-52533 https://nvd.nist.gov/vuln/detail/CVE-2024-52533 https://gitlab.gnome.org/GNOME/glib/-/issues/3461 https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1 https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52533.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tYrHMwJR2+IKZNZqejG6CA==": { "id": "tYrHMwJR2+IKZNZqejG6CA==", "updater": "rhel-vex", "name": "CVE-2021-35939", "description": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35939 https://bugzilla.redhat.com/show_bug.cgi?id=1964129 https://www.cve.org/CVERecord?id=CVE-2021-35939 https://nvd.nist.gov/vuln/detail/CVE-2021-35939 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35939.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "thvY3u/qMHVY/oLiaxhgKA==": { "id": "thvY3u/qMHVY/oLiaxhgKA==", "updater": "rhel-vex", "name": "CVE-2022-27406", "description": "A segmentation fault was found in FreeType’s FT_Request_Size() function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service.", "issued": "2022-04-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27406 https://bugzilla.redhat.com/show_bug.cgi?id=2077985 https://www.cve.org/CVERecord?id=CVE-2022-27406 https://nvd.nist.gov/vuln/detail/CVE-2022-27406 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27406.json https://access.redhat.com/errata/RHSA-2022:7745", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "freetype", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.1-9.el8", "arch_op": "pattern match" }, "tim7JKWFrDoMpe+VOdRp6g==": { "id": "tim7JKWFrDoMpe+VOdRp6g==", "updater": "rhel-vex", "name": "CVE-2020-10735", "description": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", "issued": "2022-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-10735 https://bugzilla.redhat.com/show_bug.cgi?id=1834423 https://www.cve.org/CVERecord?id=CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-10735.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "tjzeYSIOXVDYaOmt58hKxA==": { "id": "tjzeYSIOXVDYaOmt58hKxA==", "updater": "rhel-vex", "name": "CVE-2024-21208", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2024-10-15T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21208 https://bugzilla.redhat.com/show_bug.cgi?id=2318526 https://www.cve.org/CVERecord?id=CVE-2024-21208 https://nvd.nist.gov/vuln/detail/CVE-2024-21208 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21208.json https://access.redhat.com/errata/RHSA-2024:8124", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.13.0.11-3.el8", "arch_op": "pattern match" }, "ttiQ8Ne17O8KN24UqGvbeA==": { "id": "ttiQ8Ne17O8KN24UqGvbeA==", "updater": "rhel-vex", "name": "CVE-2022-35252", "description": "A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), and also when cookies that contain such control codes are later sent back to an HTTP(S) server, possibly causing the server to return a 400 response. This issue effectively allows a \"sister site\" to deny service to siblings and cause a denial of service attack.", "issued": "2022-08-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-35252 https://bugzilla.redhat.com/show_bug.cgi?id=2120718 https://www.cve.org/CVERecord?id=CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-35252.json https://access.redhat.com/errata/RHSA-2023:2963", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8", "arch_op": "pattern match" }, "tui4wg/rbptEhoXd4jTiWQ==": { "id": "tui4wg/rbptEhoXd4jTiWQ==", "updater": "rhel-vex", "name": "CVE-2022-29824", "description": "A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write.", "issued": "2022-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-29824 https://bugzilla.redhat.com/show_bug.cgi?id=2082158 https://www.cve.org/CVERecord?id=CVE-2022-29824 https://nvd.nist.gov/vuln/detail/CVE-2022-29824 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-29824.json https://access.redhat.com/errata/RHSA-2022:5317", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-13.el8_6.1", "arch_op": "pattern match" }, "twcXZqY7vb9SGK+fuP/vNg==": { "id": "twcXZqY7vb9SGK+fuP/vNg==", "updater": "rhel-vex", "name": "CVE-2024-4032", "description": "A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4032 https://bugzilla.redhat.com/show_bug.cgi?id=2292921 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://nvd.nist.gov/vuln/detail/CVE-2024-4032 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4032.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "u3Av8Eh05ctMA0eswLGL/w==": { "id": "u3Av8Eh05ctMA0eswLGL/w==", "updater": "rhel-vex", "name": "CVE-2024-6602", "description": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nA mismatch between allocator and deallocator could have lead to memory corruption.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6602 https://bugzilla.redhat.com/show_bug.cgi?id=2296637 https://www.cve.org/CVERecord?id=CVE-2024-6602 https://nvd.nist.gov/vuln/detail/CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602 https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6602.json https://access.redhat.com/errata/RHBA-2024:6680", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-sysinit", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.101.0-7.el8_8", "arch_op": "pattern match" }, "u6A/CFM93ZkYJVLWdcSARg==": { "id": "u6A/CFM93ZkYJVLWdcSARg==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" }, "u7+HgSa7TeEER7vqZGcD4Q==": { "id": "u7+HgSa7TeEER7vqZGcD4Q==", "updater": "rhel-vex", "name": "CVE-2023-5981", "description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "issued": "2023-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5981 https://bugzilla.redhat.com/show_bug.cgi?id=2248445 https://www.cve.org/CVERecord?id=CVE-2023-5981 https://nvd.nist.gov/vuln/detail/CVE-2023-5981 https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5981.json https://access.redhat.com/errata/RHSA-2024:0155", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnutls", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.16-8.el8_9", "arch_op": "pattern match" }, "ubvC+5devxtiT2b9I8XPgw==": { "id": "ubvC+5devxtiT2b9I8XPgw==", "updater": "rhel-vex", "name": "CVE-2025-6021", "description": "A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.", "issued": "2025-06-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6021 https://bugzilla.redhat.com/show_bug.cgi?id=2372406 https://www.cve.org/CVERecord?id=CVE-2025-6021 https://nvd.nist.gov/vuln/detail/CVE-2025-6021 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6021.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "udlsuO0I24dCR4iLk24vTA==": { "id": "udlsuO0I24dCR4iLk24vTA==", "updater": "rhel-vex", "name": "CVE-2023-21835", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2023-01-17T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21835 https://bugzilla.redhat.com/show_bug.cgi?id=2160421 https://www.cve.org/CVERecord?id=CVE-2023-21835 https://nvd.nist.gov/vuln/detail/CVE-2023-21835 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21835.json https://access.redhat.com/errata/RHSA-2023:0192", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.6.0.10-3.el8_7", "arch_op": "pattern match" }, "uhcEFlQ5Y56RqwkffBPaug==": { "id": "uhcEFlQ5Y56RqwkffBPaug==", "updater": "rhel-vex", "name": "CVE-2021-35939", "description": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35939 https://bugzilla.redhat.com/show_bug.cgi?id=1964129 https://www.cve.org/CVERecord?id=CVE-2021-35939 https://nvd.nist.gov/vuln/detail/CVE-2021-35939 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35939.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "um++s3UKODBEKMJePUzR0Q==": { "id": "um++s3UKODBEKMJePUzR0Q==", "updater": "rhel-vex", "name": "CVE-2024-6923", "description": "A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.", "issued": "2024-08-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6923 https://bugzilla.redhat.com/show_bug.cgi?id=2302255 https://www.cve.org/CVERecord?id=CVE-2024-6923 https://nvd.nist.gov/vuln/detail/CVE-2024-6923 https://github.com/python/cpython/issues/121650 https://github.com/python/cpython/pull/122233 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6923.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "uxd8tIEkk+r2hWTEgvyv8w==": { "id": "uxd8tIEkk+r2hWTEgvyv8w==", "updater": "rhel-vex", "name": "CVE-2019-9936", "description": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9936 https://bugzilla.redhat.com/show_bug.cgi?id=1692365 https://www.cve.org/CVERecord?id=CVE-2019-9936 https://nvd.nist.gov/vuln/detail/CVE-2019-9936 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9936.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "v252Lhr64CaOMO2x3IgBkQ==": { "id": "v252Lhr64CaOMO2x3IgBkQ==", "updater": "rhel-vex", "name": "CVE-2022-45061", "description": "A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname.", "issued": "2022-11-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-45061 https://bugzilla.redhat.com/show_bug.cgi?id=2144072 https://www.cve.org/CVERecord?id=CVE-2022-45061 https://nvd.nist.gov/vuln/detail/CVE-2022-45061 https://github.com/python/cpython/issues/98433 https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-45061.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "v9s+wrjqS8T+Gv13ICb/hw==": { "id": "v9s+wrjqS8T+Gv13ICb/hw==", "updater": "rhel-vex", "name": "CVE-2023-4527", "description": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.", "issued": "2023-09-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://www.cve.org/CVERecord?id=CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4527.json https://access.redhat.com/errata/RHSA-2023:5455", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-225.el8_8.6", "arch_op": "pattern match" }, "vSafoZvPBi4XyWwytyKmoQ==": { "id": "vSafoZvPBi4XyWwytyKmoQ==", "updater": "rhel-vex", "name": "CVE-2021-35938", "description": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-35938 https://bugzilla.redhat.com/show_bug.cgi?id=1964114 https://www.cve.org/CVERecord?id=CVE-2021-35938 https://nvd.nist.gov/vuln/detail/CVE-2021-35938 https://rpm.org/wiki/Releases/4.18.0 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-35938.json https://access.redhat.com/errata/RHSA-2024:0647", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "rpm", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:4.14.3-28.el8_9", "arch_op": "pattern match" }, "vUS/kXBrIAVJCcEVLBHidA==": { "id": "vUS/kXBrIAVJCcEVLBHidA==", "updater": "rhel-vex", "name": "CVE-2024-4032", "description": "A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4032 https://bugzilla.redhat.com/show_bug.cgi?id=2292921 https://www.cve.org/CVERecord?id=CVE-2024-4032 https://nvd.nist.gov/vuln/detail/CVE-2024-4032 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4032.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "vZmGRLHy3p0AEiSLAMSdrA==": { "id": "vZmGRLHy3p0AEiSLAMSdrA==", "updater": "rhel-vex", "name": "CVE-2024-3596", "description": "A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof UDP-based RADIUS response packets. This can result in unauthorized access by modifying an Access-Reject response to an Access-Accept response, thereby compromising the authentication process.", "issued": "2024-07-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-3596 https://bugzilla.redhat.com/show_bug.cgi?id=2263240 https://www.cve.org/CVERecord?id=CVE-2024-3596 https://nvd.nist.gov/vuln/detail/CVE-2024-3596 https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/ https://datatracker.ietf.org/doc/html/rfc2865 https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt https://www.blastradius.fail/ https://www.kb.cert.org/vuls/id/456537 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-3596.json https://access.redhat.com/errata/RHSA-2024:8860", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-30.el8_10", "arch_op": "pattern match" }, "vbb3B2HEkh68zKtbOGgyMQ==": { "id": "vbb3B2HEkh68zKtbOGgyMQ==", "updater": "rhel-vex", "name": "CVE-2023-48795", "description": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "issued": "2023-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48795 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://www.cve.org/CVERecord?id=CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://access.redhat.com/solutions/7071748 https://terrapin-attack.com/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48795.json https://access.redhat.com/errata/RHSA-2024:0628", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-13.el8_9", "arch_op": "pattern match" }, "vc4u+Qr6h02g9HVH5yVCIw==": { "id": "vc4u+Qr6h02g9HVH5yVCIw==", "updater": "rhel-vex", "name": "CVE-2022-42898", "description": "A vulnerability was found in MIT krb5. This flaw allows an authenticated attacker to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. A privileged attacker may similarly be able to cause a Kerberos or GSS application service to crash.", "issued": "2022-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42898 https://bugzilla.redhat.com/show_bug.cgi?id=2140960 https://www.cve.org/CVERecord?id=CVE-2022-42898 https://nvd.nist.gov/vuln/detail/CVE-2022-42898 https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42898.json https://access.redhat.com/errata/RHEA-2023:3850", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-25.el8_8", "arch_op": "pattern match" }, "w+2jX+j+SJAeE1GKFrFFUg==": { "id": "w+2jX+j+SJAeE1GKFrFFUg==", "updater": "rhel-vex", "name": "CVE-2022-42012", "description": "A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.", "issued": "2022-10-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-42012 https://bugzilla.redhat.com/show_bug.cgi?id=2133618 https://www.cve.org/CVERecord?id=CVE-2022-42012 https://nvd.nist.gov/vuln/detail/CVE-2022-42012 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-42012.json https://access.redhat.com/errata/RHSA-2023:0096", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "dbus-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.12.8-23.el8_7.1", "arch_op": "pattern match" }, "w5YNvLTjQMuWnv2ujLws1g==": { "id": "w5YNvLTjQMuWnv2ujLws1g==", "updater": "rhel-vex", "name": "CVE-2024-33599", "description": "A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity.", "issued": "2024-04-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33599 https://bugzilla.redhat.com/show_bug.cgi?id=2277202 https://www.cve.org/CVERecord?id=CVE-2024-33599 https://nvd.nist.gov/vuln/detail/CVE-2024-33599 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33599.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "w5jdWkfHYKLuNhYijn7NcQ==": { "id": "w5jdWkfHYKLuNhYijn7NcQ==", "updater": "rhel-vex", "name": "CVE-2023-1981", "description": "A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.", "issued": "2022-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1981 https://bugzilla.redhat.com/show_bug.cgi?id=2185911 https://www.cve.org/CVERecord?id=CVE-2023-1981 https://nvd.nist.gov/vuln/detail/CVE-2023-1981 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1981.json https://access.redhat.com/errata/RHSA-2023:7190", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8", "arch_op": "pattern match" }, "w6E5UFnu0txj9rXqXxF7nw==": { "id": "w6E5UFnu0txj9rXqXxF7nw==", "updater": "rhel-vex", "name": "CVE-2022-48564", "description": "A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources.", "issued": "2023-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48564 https://bugzilla.redhat.com/show_bug.cgi?id=2249750 https://www.cve.org/CVERecord?id=CVE-2022-48564 https://nvd.nist.gov/vuln/detail/CVE-2022-48564 https://bugs.python.org/issue42103 https://github.com/python/cpython/issues/86269 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48564.json https://access.redhat.com/errata/RHSA-2024:0114", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.2", "arch_op": "pattern match" }, "w7f0WrYy5nUAdHu0TDShKA==": { "id": "w7f0WrYy5nUAdHu0TDShKA==", "updater": "rhel-vex", "name": "CVE-2024-9287", "description": "A vulnerability has been found in the Python `venv` module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts, for example, \"source venv/bin/activate\". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated.", "issued": "2024-10-22T16:34:39Z", "links": "https://access.redhat.com/security/cve/CVE-2024-9287 https://bugzilla.redhat.com/show_bug.cgi?id=2321440 https://www.cve.org/CVERecord?id=CVE-2024-9287 https://nvd.nist.gov/vuln/detail/CVE-2024-9287 https://github.com/python/cpython/issues/124651 https://github.com/python/cpython/pull/124712 https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-9287.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "w9b2nNIUI4FuM87xznV0Pw==": { "id": "w9b2nNIUI4FuM87xznV0Pw==", "updater": "rhel-vex", "name": "CVE-2020-10735", "description": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", "issued": "2022-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-10735 https://bugzilla.redhat.com/show_bug.cgi?id=1834423 https://www.cve.org/CVERecord?id=CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-10735.json https://access.redhat.com/errata/RHSA-2023:0833", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-48.el8_7.1", "arch_op": "pattern match" }, "w9jXbkPTbBxSV8aWLxzn/w==": { "id": "w9jXbkPTbBxSV8aWLxzn/w==", "updater": "rhel-vex", "name": "CVE-2023-27043", "description": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.", "issued": "2023-04-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27043 https://bugzilla.redhat.com/show_bug.cgi?id=2196183 https://www.cve.org/CVERecord?id=CVE-2023-27043 https://nvd.nist.gov/vuln/detail/CVE-2023-27043 https://access.redhat.com/articles/7051467 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27043.json https://access.redhat.com/errata/RHSA-2024:0256", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-56.el8_9.3", "arch_op": "pattern match" }, "wHuOkcGp9LHaNHajGAhAkQ==": { "id": "wHuOkcGp9LHaNHajGAhAkQ==", "updater": "rhel-vex", "name": "CVE-2024-21138", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).", "issued": "2024-07-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-21138 https://bugzilla.redhat.com/show_bug.cgi?id=2297962 https://www.cve.org/CVERecord?id=CVE-2024-21138 https://nvd.nist.gov/vuln/detail/CVE-2024-21138 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-21138.json https://access.redhat.com/errata/RHSA-2024:4568", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.12.0.7-2.el8", "arch_op": "pattern match" }, "wJ2K5RC6GNcF23yWwo/ClQ==": { "id": "wJ2K5RC6GNcF23yWwo/ClQ==", "updater": "rhel-vex", "name": "CVE-2025-4802", "description": "A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen(), including internal dlopen() calls after setlocale() or calls to NSS functions such as getaddrinfo(), may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load malicious shared libraries, escalate privileges and execute arbitrary code.", "issued": "2025-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4802.json https://access.redhat.com/errata/RHSA-2025:8686", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.22", "arch_op": "pattern match" }, "wKWD/Dk1JsWuC3NsOz8lLQ==": { "id": "wKWD/Dk1JsWuC3NsOz8lLQ==", "updater": "rhel-vex", "name": "CVE-2022-49043", "description": "A flaw was found in libxml2 where improper handling of memory allocation failures in `libxml2` can lead to crashes, memory leaks, or inconsistent states. While an attacker cannot directly control allocation failures, they may trigger denial-of-service conditions under extreme system stress.", "issued": "2025-01-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-49043 https://bugzilla.redhat.com/show_bug.cgi?id=2342118 https://www.cve.org/CVERecord?id=CVE-2022-49043 https://nvd.nist.gov/vuln/detail/CVE-2022-49043 https://github.com/php/php-src/issues/17467 https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-49043.json https://access.redhat.com/errata/RHSA-2025:1517", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-18.el8_10.2", "arch_op": "pattern match" }, "wQ52als+baxxZM+7SgfcwQ==": { "id": "wQ52als+baxxZM+7SgfcwQ==", "updater": "rhel-vex", "name": "CVE-2024-11168", "description": "A flaw was found in Python. The `urllib.parse.urlsplit()` and `urlparse()` functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery (SSRF) if a URL is processed by more than one URL parser.", "issued": "2024-11-12T21:22:23Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11168 https://bugzilla.redhat.com/show_bug.cgi?id=2325776 https://www.cve.org/CVERecord?id=CVE-2024-11168 https://nvd.nist.gov/vuln/detail/CVE-2024-11168 https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5 https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550 https://github.com/python/cpython/issues/103848 https://github.com/python/cpython/pull/103849 https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11168.json https://access.redhat.com/errata/RHSA-2024:10779", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-69.el8_10", "arch_op": "pattern match" }, "wV05ATqBSzZ6GJceR8XF1w==": { "id": "wV05ATqBSzZ6GJceR8XF1w==", "updater": "rhel-vex", "name": "CVE-2024-12087", "description": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.", "issued": "2025-01-14T15:06:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-12087 https://bugzilla.redhat.com/show_bug.cgi?id=2330672 https://www.cve.org/CVERecord?id=CVE-2024-12087 https://nvd.nist.gov/vuln/detail/CVE-2024-12087 https://kb.cert.org/vuls/id/952657 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-12087.json https://access.redhat.com/errata/RHSA-2025:2600", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "rsync", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.1.3-21.el8_10", "arch_op": "pattern match" }, "wVS7RsVmrUgb8qJJZxUcfw==": { "id": "wVS7RsVmrUgb8qJJZxUcfw==", "updater": "rhel-vex", "name": "CVE-2024-20918", "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20918 https://bugzilla.redhat.com/show_bug.cgi?id=2257728 https://www.cve.org/CVERecord?id=CVE-2024-20918 https://nvd.nist.gov/vuln/detail/CVE-2024-20918 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20918.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "wa+sXhxdBo4Y1JRm4G8Fqw==": { "id": "wa+sXhxdBo4Y1JRm4G8Fqw==", "updater": "rhel-vex", "name": "CVE-2023-2602", "description": "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "issued": "2023-05-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2602 https://bugzilla.redhat.com/show_bug.cgi?id=2209114 https://www.cve.org/CVERecord?id=CVE-2023-2602 https://nvd.nist.gov/vuln/detail/CVE-2023-2602 https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2602.json https://access.redhat.com/errata/RHSA-2023:4524", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libcap", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.48-5.el8_8", "arch_op": "pattern match" }, "wbkfHSeMnwURYLEYuqhPlw==": { "id": "wbkfHSeMnwURYLEYuqhPlw==", "updater": "rhel-vex", "name": "CVE-2023-25193", "description": "A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", "issued": "2023-02-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-25193 https://bugzilla.redhat.com/show_bug.cgi?id=2167254 https://www.cve.org/CVERecord?id=CVE-2023-25193 https://nvd.nist.gov/vuln/detail/CVE-2023-25193 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-25193.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "weIqW9ibkn/dNwumqFNUvg==": { "id": "weIqW9ibkn/dNwumqFNUvg==", "updater": "rhel-vex", "name": "CVE-2024-33602", "description": "A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33602 https://bugzilla.redhat.com/show_bug.cgi?id=2277206 https://www.cve.org/CVERecord?id=CVE-2024-33602 https://nvd.nist.gov/vuln/detail/CVE-2024-33602 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33602.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "wquj2vV0Nf1IoXVgBObYRA==": { "id": "wquj2vV0Nf1IoXVgBObYRA==", "updater": "rhel-vex", "name": "CVE-2023-44487", "description": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003", "issued": "2023-10-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-44487 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://github.com/dotnet/announcements/issues/277 https://pkg.go.dev/vuln/GO-2023-2102 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-44487.json https://access.redhat.com/errata/RHSA-2023:5837", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libnghttp2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.33.0-5.el8_8", "arch_op": "pattern match" }, "wuCwRzfq5pG4m/kBjeuhHA==": { "id": "wuCwRzfq5pG4m/kBjeuhHA==", "updater": "rhel-vex", "name": "CVE-2022-27782", "description": "A vulnerability was found in curl. This issue occurs because curl can reuse a previously created connection even when a TLS or SSH-related option is changed that should have prohibited reuse. This flaw leads to an authentication bypass, either by mistake or by a malicious actor.", "issued": "2022-05-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27782 https://bugzilla.redhat.com/show_bug.cgi?id=2082215 https://www.cve.org/CVERecord?id=CVE-2022-27782 https://nvd.nist.gov/vuln/detail/CVE-2022-27782 https://curl.se/docs/CVE-2022-27782.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27782.json https://access.redhat.com/errata/RHSA-2022:5313", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-22.el8_6.3", "arch_op": "pattern match" }, "wzSMb7x9w2ctbLI2gJ4ZQw==": { "id": "wzSMb7x9w2ctbLI2gJ4ZQw==", "updater": "rhel-vex", "name": "CVE-2024-0450", "description": "A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed.", "issued": "2024-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0450 https://bugzilla.redhat.com/show_bug.cgi?id=2276525 https://www.cve.org/CVERecord?id=CVE-2024-0450 https://nvd.nist.gov/vuln/detail/CVE-2024-0450 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0450.json https://access.redhat.com/errata/RHSA-2024:3347", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-62.el8_10", "arch_op": "pattern match" }, "x/E/17qfxsUFUEyIuvFneg==": { "id": "x/E/17qfxsUFUEyIuvFneg==", "updater": "rhel-vex", "name": "CVE-2025-4330", "description": "A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall() or TarFile.extract() with the filter=\"data\" or filter=\"tar\" parameters. This issue leads to potentially overwriting or modifying system files and metadata.", "issued": "2025-06-03T12:58:57Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4330 https://bugzilla.redhat.com/show_bug.cgi?id=2370014 https://www.cve.org/CVERecord?id=CVE-2025-4330 https://nvd.nist.gov/vuln/detail/CVE-2025-4330 https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a https://github.com/python/cpython/issues/135034 https://github.com/python/cpython/pull/135037 https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4330.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "x/dH4LPb4xyx3VuIAD7n6A==": { "id": "x/dH4LPb4xyx3VuIAD7n6A==", "updater": "rhel-vex", "name": "CVE-2022-4304", "description": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.", "issued": "2023-02-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4304 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://www.cve.org/CVERecord?id=CVE-2022-4304 https://nvd.nist.gov/vuln/detail/CVE-2022-4304 https://www.openssl.org/news/secadv/20230207.txt https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4304.json https://access.redhat.com/errata/RHSA-2023:1405", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-9.el8_7", "arch_op": "pattern match" }, "x7UVxc9fjdM7vNUVwudQGw==": { "id": "x7UVxc9fjdM7vNUVwudQGw==", "updater": "rhel-vex", "name": "CVE-2020-35527", "description": "An out-of-bounds read vulnerability was found in SQLite. This security flaw occurs when the ALTER TABLE for views has a nested FROM clause. This flaw allows an attacker to triage an out-of-bounds read and access confidential data successfully.", "issued": "2020-02-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35527 https://bugzilla.redhat.com/show_bug.cgi?id=2122329 https://www.cve.org/CVERecord?id=CVE-2020-35527 https://nvd.nist.gov/vuln/detail/CVE-2020-35527 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35527.json https://access.redhat.com/errata/RHSA-2022:7108", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "sqlite-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.26.0-16.el8_6", "arch_op": "pattern match" }, "xALSv+x7XKVD+0EFfpq9Qw==": { "id": "xALSv+x7XKVD+0EFfpq9Qw==", "updater": "rhel-vex", "name": "CVE-2024-6232", "description": "A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive.", "issued": "2024-09-03T13:15:05Z", "links": "https://access.redhat.com/security/cve/CVE-2024-6232 https://bugzilla.redhat.com/show_bug.cgi?id=2309426 https://www.cve.org/CVERecord?id=CVE-2024-6232 https://nvd.nist.gov/vuln/detail/CVE-2024-6232 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-6232.json https://access.redhat.com/errata/RHSA-2024:6975", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "platform-python", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-67.el8_10", "arch_op": "pattern match" }, "xD7WW9qKNrtcrs3Uqmjqag==": { "id": "xD7WW9qKNrtcrs3Uqmjqag==", "updater": "rhel-vex", "name": "CVE-2022-2097", "description": "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed.", "issued": "2022-07-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2097 https://bugzilla.redhat.com/show_bug.cgi?id=2104905 https://www.cve.org/CVERecord?id=CVE-2022-2097 https://nvd.nist.gov/vuln/detail/CVE-2022-2097 https://www.openssl.org/news/secadv/20220705.txt https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2097.json https://access.redhat.com/errata/RHSA-2022:5818", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:1.1.1k-7.el8_6", "arch_op": "pattern match" }, "xLIujTim86EomaRofe4tDg==": { "id": "xLIujTim86EomaRofe4tDg==", "updater": "rhel-vex", "name": "CVE-2023-32611", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32611 https://bugzilla.redhat.com/show_bug.cgi?id=2211829 https://www.cve.org/CVERecord?id=CVE-2023-32611 https://nvd.nist.gov/vuln/detail/CVE-2023-32611 https://gitlab.gnome.org/GNOME/glib/-/issues/2797 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32611.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xRcsZnz/pmqPPqPZYbHnNQ==": { "id": "xRcsZnz/pmqPPqPZYbHnNQ==", "updater": "rhel-vex", "name": "CVE-2023-32360", "description": "A vulnerability was found in OpenPrinting CUPS. Unauthorized users are permitted to fetch documents over local or remote networks, leading to confidentiality breach.", "issued": "2022-12-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32360 https://bugzilla.redhat.com/show_bug.cgi?id=2230495 https://www.cve.org/CVERecord?id=CVE-2023-32360 https://nvd.nist.gov/vuln/detail/CVE-2023-32360 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32360.json https://access.redhat.com/errata/RHSA-2023:4864", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-51.el8_8.1", "arch_op": "pattern match" }, "xUVvBnCMD32GQ2LYOKWw0A==": { "id": "xUVvBnCMD32GQ2LYOKWw0A==", "updater": "rhel-vex", "name": "CVE-2023-38546", "description": "A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met.", "issued": "2023-10-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38546 https://bugzilla.redhat.com/show_bug.cgi?id=2241938 https://access.redhat.com/errata/RHSA-2024:2101 https://www.cve.org/CVERecord?id=CVE-2023-38546 https://nvd.nist.gov/vuln/detail/CVE-2023-38546 https://curl.se/docs/CVE-2023-38546.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38546.json https://access.redhat.com/errata/RHSA-2024:1601", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-33.el8_9.5", "arch_op": "pattern match" }, "xj8C0jhrXC6kG1IMTlx5Dg==": { "id": "xj8C0jhrXC6kG1IMTlx5Dg==", "updater": "rhel-vex", "name": "CVE-2022-2526", "description": "A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.", "issued": "2022-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2526 https://bugzilla.redhat.com/show_bug.cgi?id=2109926 https://www.cve.org/CVERecord?id=CVE-2022-2526 https://nvd.nist.gov/vuln/detail/CVE-2022-2526 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2526.json https://access.redhat.com/errata/RHSA-2022:6206", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "systemd-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:239-58.el8_6.4", "arch_op": "pattern match" }, "xoFUsA33ah+6MWsXR1DIaw==": { "id": "xoFUsA33ah+6MWsXR1DIaw==", "updater": "rhel-vex", "name": "CVE-2023-6135", "description": "The Network Security Services (NSS) package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key.", "issued": "2023-12-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-6135 https://bugzilla.redhat.com/show_bug.cgi?id=2249906 https://www.cve.org/CVERecord?id=CVE-2023-6135 https://nvd.nist.gov/vuln/detail/CVE-2023-6135 https://bugzilla.mozilla.org/show_bug.cgi?id=1853908 https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6135 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-6135.json https://access.redhat.com/errata/RHSA-2024:0786", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "nss-util", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:3.90.0-6.el8_9", "arch_op": "pattern match" }, "y+rQU8LQ+pUslhuxB0qZZA==": { "id": "y+rQU8LQ+pUslhuxB0qZZA==", "updater": "rhel-vex", "name": "CVE-2024-20945", "description": "Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).", "issued": "2024-01-16T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-20945 https://bugzilla.redhat.com/show_bug.cgi?id=2257874 https://www.cve.org/CVERecord?id=CVE-2024-20945 https://nvd.nist.gov/vuln/detail/CVE-2024-20945 https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-20945.json https://access.redhat.com/errata/RHSA-2024:0267", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.10.0.7-2.el8", "arch_op": "pattern match" }, "y0jGDIVZc312BivjXNg1yg==": { "id": "y0jGDIVZc312BivjXNg1yg==", "updater": "rhel-vex", "name": "CVE-2022-32816", "description": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.", "issued": "2022-07-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32816 https://bugzilla.redhat.com/show_bug.cgi?id=2238975 https://www.cve.org/CVERecord?id=CVE-2022-32816 https://nvd.nist.gov/vuln/detail/CVE-2022-32816 https://wpewebkit.org/security/WSA-2022-0007.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32816.json https://access.redhat.com/errata/RHSA-2022:7704", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.56.4-159.el8", "arch_op": "pattern match" }, "y5V4wHQ+FEdoq8IR6nEOWw==": { "id": "y5V4wHQ+FEdoq8IR6nEOWw==", "updater": "rhel-vex", "name": "CVE-2023-24329", "description": "A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.", "issued": "2023-02-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-24329 https://bugzilla.redhat.com/show_bug.cgi?id=2173917 https://www.cve.org/CVERecord?id=CVE-2023-24329 https://nvd.nist.gov/vuln/detail/CVE-2023-24329 https://pointernull.com/security/python-url-parse-problem.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-24329.json https://access.redhat.com/errata/RHSA-2023:3591", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "High", "package": { "id": "", "name": "python3-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:3.6.8-51.el8_8.1", "arch_op": "pattern match" }, "y9xJ6GbX8SdCqjqBWcAKTQ==": { "id": "y9xJ6GbX8SdCqjqBWcAKTQ==", "updater": "rhel-vex", "name": "CVE-2022-48303", "description": "A flaw was found in the Tar package. When attempting to read files with old V7 tar format with a specially crafted checksum, an invalid memory read may occur. An attacker could possibly use this issue to expose sensitive information or cause a crash.", "issued": "2022-04-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-48303 https://bugzilla.redhat.com/show_bug.cgi?id=2149722 https://www.cve.org/CVERecord?id=CVE-2022-48303 https://nvd.nist.gov/vuln/detail/CVE-2022-48303 https://savannah.gnu.org/bugs/?62387 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-48303.json https://access.redhat.com/errata/RHSA-2023:0842", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "2:1.30-6.el8_7.1", "arch_op": "pattern match" }, "yLGlMtmirdDmLVSq1jBtQg==": { "id": "yLGlMtmirdDmLVSq1jBtQg==", "updater": "rhel-vex", "name": "CVE-2023-32324", "description": "A flaw was found in the Cups package. A buffer overflow vulnerability in the |format_log_line| function could allow remote attackers to cause a denial of service. Exploitation is only possible when the configuration file, cupsd.conf, has the value of loglevel set to DEBUG.", "issued": "2023-06-01T10:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32324 https://bugzilla.redhat.com/show_bug.cgi?id=2209603 https://www.cve.org/CVERecord?id=CVE-2023-32324 https://nvd.nist.gov/vuln/detail/CVE-2023-32324 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32324.json https://access.redhat.com/errata/RHSA-2023:7165", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "cups-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "1:2.2.6-54.el8_9", "arch_op": "pattern match" }, "yLcc+OCTtFZEBFHR2T/Nnw==": { "id": "yLcc+OCTtFZEBFHR2T/Nnw==", "updater": "rhel-vex", "name": "CVE-2023-28484", "description": "A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas.", "issued": "2023-04-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-28484 https://bugzilla.redhat.com/show_bug.cgi?id=2185994 https://www.cve.org/CVERecord?id=CVE-2023-28484 https://nvd.nist.gov/vuln/detail/CVE-2023-28484 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28484.json https://access.redhat.com/errata/RHSA-2023:4529", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.9.7-16.el8_8.1", "arch_op": "pattern match" }, "yOoXrTGyBdTFymEzPQiWcA==": { "id": "yOoXrTGyBdTFymEzPQiWcA==", "updater": "rhel-vex", "name": "CVE-2023-22041", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "issued": "2023-07-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-22041 https://bugzilla.redhat.com/show_bug.cgi?id=2223207 https://www.cve.org/CVERecord?id=CVE-2023-22041 https://nvd.nist.gov/vuln/detail/CVE-2023-22041 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-22041.json https://access.redhat.com/errata/RHSA-2023:4159", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.8.0.7-2.el8", "arch_op": "pattern match" }, "yY0Pdupngyp6vGfDBB9k+g==": { "id": "yY0Pdupngyp6vGfDBB9k+g==", "updater": "rhel-vex", "name": "CVE-2023-38473", "description": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.", "issued": "2023-04-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-38473 https://bugzilla.redhat.com/show_bug.cgi?id=2191694 https://www.cve.org/CVERecord?id=CVE-2023-38473 https://nvd.nist.gov/vuln/detail/CVE-2023-38473 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-38473.json https://access.redhat.com/errata/RHSA-2023:7836", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:0.7-21.el8_9.1", "arch_op": "pattern match" }, "ylAdCrQ5ZqBMajhFGdx86g==": { "id": "ylAdCrQ5ZqBMajhFGdx86g==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:2722", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-236.el8_9.13", "arch_op": "pattern match" }, "yuFlxOGqQlDuMCywIIELNw==": { "id": "yuFlxOGqQlDuMCywIIELNw==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yuxIsmGjsa0YFWxCXfxBcA==": { "id": "yuxIsmGjsa0YFWxCXfxBcA==", "updater": "rhel-vex", "name": "CVE-2022-1586", "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "issued": "2022-03-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-1586 https://bugzilla.redhat.com/show_bug.cgi?id=2077976 https://www.cve.org/CVERecord?id=CVE-2022-1586 https://nvd.nist.gov/vuln/detail/CVE-2022-1586 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-1586.json https://access.redhat.com/errata/RHSA-2022:5809", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "pcre2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:10.32-3.el8_6", "arch_op": "pattern match" }, "yvPadVM0tnN/2SPeW4dXXg==": { "id": "yvPadVM0tnN/2SPeW4dXXg==", "updater": "rhel-vex", "name": "CVE-2023-2283", "description": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.", "issued": "2023-05-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2283 https://bugzilla.redhat.com/show_bug.cgi?id=2189736 https://www.cve.org/CVERecord?id=CVE-2023-2283 https://nvd.nist.gov/vuln/detail/CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2283.json https://access.redhat.com/errata/RHSA-2023:3839", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh-config", "version": "", "kind": "binary", "normalized_version": "", "arch": "noarch", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:0.9.6-10.el8_8", "arch_op": "pattern match" }, "z/wClzhcU+IxlG8lX3F3aQ==": { "id": "z/wClzhcU+IxlG8lX3F3aQ==", "updater": "rhel-vex", "name": "CVE-2022-1304", "description": "An out-of-bounds read/write vulnerability was found in e2fsprogs. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", "issued": "2022-03-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://www.cve.org/CVERecord?id=CVE-2022-1304 https://nvd.nist.gov/vuln/detail/CVE-2022-1304 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-1304.json https://access.redhat.com/errata/RHSA-2022:7720", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libcom_err", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.45.6-5.el8", "arch_op": "pattern match" }, "z01YovUzyXTkAUFXy66bQA==": { "id": "z01YovUzyXTkAUFXy66bQA==", "updater": "rhel-vex", "name": "CVE-2023-21968", "description": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "issued": "2023-04-18T20:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-21968 https://bugzilla.redhat.com/show_bug.cgi?id=2187802 https://www.cve.org/CVERecord?id=CVE-2023-21968 https://nvd.nist.gov/vuln/detail/CVE-2023-21968 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-21968.json https://access.redhat.com/errata/RHSA-2023:1898", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "java-17-openjdk-headless", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "1:17.0.7.0.7-1.el8_7", "arch_op": "pattern match" }, "zF8HhCrapUcFsur5Zlm4iA==": { "id": "zF8HhCrapUcFsur5Zlm4iA==", "updater": "rhel-vex", "name": "CVE-2024-37370", "description": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.", "issued": "2024-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-37370 https://bugzilla.redhat.com/show_bug.cgi?id=2294677 https://www.cve.org/CVERecord?id=CVE-2024-37370 https://nvd.nist.gov/vuln/detail/CVE-2024-37370 https://web.mit.edu/kerberos/www/krb5-1.21/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-37370.json https://access.redhat.com/errata/RHSA-2024:5312", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "krb5-libs", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:1.18.2-29.el8_10", "arch_op": "pattern match" }, "zQPbdPTLszV8VKIt5+3Weg==": { "id": "zQPbdPTLszV8VKIt5+3Weg==", "updater": "rhel-vex", "name": "CVE-2022-32792", "description": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.", "issued": "2022-07-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-32792 https://bugzilla.redhat.com/show_bug.cgi?id=2238973 https://www.cve.org/CVERecord?id=CVE-2022-32792 https://nvd.nist.gov/vuln/detail/CVE-2022-32792 https://wpewebkit.org/security/WSA-2022-0007.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-32792.json https://access.redhat.com/errata/RHSA-2022:7704", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|src|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:2.56.4-159.el8", "arch_op": "pattern match" }, "zWeqFjoRJbI+pv0+S4dSMg==": { "id": "zWeqFjoRJbI+pv0+S4dSMg==", "updater": "rhel-vex", "name": "CVE-2024-33600", "description": "A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit.", "issued": "2024-04-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-33600 https://bugzilla.redhat.com/show_bug.cgi?id=2277204 https://www.cve.org/CVERecord?id=CVE-2024-33600 https://nvd.nist.gov/vuln/detail/CVE-2024-33600 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-33600.json https://access.redhat.com/errata/RHSA-2024:3344", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc-common", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.2", "arch_op": "pattern match" }, "zWi69uXT/KgXGfthGpnrmQ==": { "id": "zWi69uXT/KgXGfthGpnrmQ==", "updater": "rhel-vex", "name": "CVE-2022-43552", "description": "A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols, curl can use a heap-allocated struct after it has been freed and shut down the code path in its transfer.", "issued": "2022-12-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-43552 https://bugzilla.redhat.com/show_bug.cgi?id=2152652 https://www.cve.org/CVERecord?id=CVE-2022-43552 https://nvd.nist.gov/vuln/detail/CVE-2022-43552 https://curl.se/docs/CVE-2022-43552.html https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-43552.json https://access.redhat.com/errata/RHSA-2023:2963", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libcurl", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|i686|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "fixed_in_version": "0:7.61.1-30.el8", "arch_op": "pattern match" }, "zZQCP3BDcenpzAWN8Bg79Q==": { "id": "zZQCP3BDcenpzAWN8Bg79Q==", "updater": "rhel-vex", "name": "CVE-2024-47081", "description": "A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.", "issued": "2025-06-09T17:57:47Z", "links": "https://access.redhat.com/security/cve/CVE-2024-47081 https://bugzilla.redhat.com/show_bug.cgi?id=2371272 https://www.cve.org/CVERecord?id=CVE-2024-47081 https://nvd.nist.gov/vuln/detail/CVE-2024-47081 http://seclists.org/fulldisclosure/2025/Jun/2 http://www.openwall.com/lists/oss-security/2025/06/03/11 http://www.openwall.com/lists/oss-security/2025/06/03/9 http://www.openwall.com/lists/oss-security/2025/06/04/1 http://www.openwall.com/lists/oss-security/2025/06/04/6 https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef https://github.com/psf/requests/pull/6965 https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7 https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env https://seclists.org/fulldisclosure/2025/Jun/2 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47081.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zm9S9CFdip1s25g9TUWF5w==": { "id": "zm9S9CFdip1s25g9TUWF5w==", "updater": "rhel-vex", "name": "CVE-2024-52616", "description": "A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.", "issued": "2024-11-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-52616 https://bugzilla.redhat.com/show_bug.cgi?id=2326429 https://www.cve.org/CVERecord?id=CVE-2024-52616 https://nvd.nist.gov/vuln/detail/CVE-2024-52616 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-52616.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "avahi", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zmFkHbEK+8lW7TKeZffkmQ==": { "id": "zmFkHbEK+8lW7TKeZffkmQ==", "updater": "rhel-vex", "name": "CVE-2024-2961", "description": "An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad.", "issued": "2024-04-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2961 https://bugzilla.redhat.com/show_bug.cgi?id=2273404 https://www.cve.org/CVERecord?id=CVE-2024-2961 https://nvd.nist.gov/vuln/detail/CVE-2024-2961 https://www.openwall.com/lists/oss-security/2024/04/17/9 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2961.json https://access.redhat.com/errata/RHSA-2024:3269", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "glibc-minimal-langpack", "version": "", "kind": "binary", "normalized_version": "", "arch": "aarch64|ppc64le|s390x|x86_64", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" }, "fixed_in_version": "0:2.28-251.el8_10.1", "arch_op": "pattern match" } }, "package_vulnerabilities": { "+FFDF1L07rB99e4UL9WB+A==": [ "m8ueKfgkaYIYTU+xtIQcwA==", "GFCdJ9nfiEZweptVRgkFWg==", "53xt9ofhDspNa5exDSyxUQ==", "phTW1jd+Vdu7XERPdgoqUg==", "J6V4je3mZjkDf/lc+6NV1Q==", "yOoXrTGyBdTFymEzPQiWcA==", "Mc7zHgg4D2CxQferqT0txw==", "He2qeG6pnwyLDPZ0Ymi+8Q==", "3BIEEZNGzCJWC2Fx4uu4xg==", "QyxTp/hIOE/OAuSyRpqXeQ==", "Ozdwc6yAzERyoKF4+dYT/w==", "1V9gvOnbc/O4GqJ9bOA+6A==", "udlsuO0I24dCR4iLk24vTA==", "OhcCd0zeiQKtFtNGp31MYQ==", "UrKjwk9WIe9u1Nz1CrdGxg==", "RqGQEUART3PNe9eSTBq14Q==", "r2Fnd4reKywK0gvDJTqRDA==", "z01YovUzyXTkAUFXy66bQA==", "RtlTQJtBm04IDRUV95z65A==", "0hx3AeRTki0QKu49u2uI9A==", "jERMA/+L5tOAwtIbJdCp4Q==", "ojs9EKTQUre0tExhDXVQIQ==", "eUbosfSkltEvzBkXVc+Bqw==", "Ki7oqSsO2d+3IU4Kt9Ij9Q==", "G0+1xEPWjgkrJRsbMDuWXg==", "wbkfHSeMnwURYLEYuqhPlw==", "GC0PrHyRUgy0CoSA0ZEcAg==", "WvmzsuJEzKkP58rPW1w/Aw==", "+8Es4zGqyVDOkBuJhwt5Bg==", "jLAoZmKVOHrnt9mnufsmwA==", "n7pgOvbE5kcvTytZ+btYxA==", "ZGYWl+p1RrOT0HzaEzSTjg==", "y+rQU8LQ+pUslhuxB0qZZA==", "qiUAkotn50Bq59ppZ/rSvg==", "kc9wfQbgmYFKmu0N/WviEg==", "p2gxShXxoUHwRgR2ANJ+CQ==", "GAvIYzeuCDnfsiqzVSRXSQ==", "KmDekh9bjUEz74sD3+JWxw==", "OkBQv6P8l9HZFxt6Kd+WNA==", "sBJURZ2fj6Mnwd/nrY5DEg==", "21JEFP/1qdwwKuIXlNd6Og==", "i+WrWvb8ia7fSchciC2NIA==", "6miXGlAYo7AcRZhS83AtIQ==", "ffHVt37/ZGxBo8sMZpdwQQ==", "iBlxrK2NH9SLDa3YW66J9w==", "TuyZ+9VbyFRnolLiZxTIeg==", "eGsbfyK/NIuDPMhuewKzbg==", "tjzeYSIOXVDYaOmt58hKxA==", "l1/qopzsE7Edjkd1o4THEA==", "wVS7RsVmrUgb8qJJZxUcfw==", "XNlrBQKe37o7KhUU6jxS0A==", "ZGazKGaEIFJr/qgYuwClNg==", "b5pHLo6BzI2vDWL/bZbKhg==", "wHuOkcGp9LHaNHajGAhAkQ==", "ZNUx9b6Gk9ggFU4V1BHIPQ==" ], "+oTt3EDPSdSzupH3D6G0BA==": [ "WHB3WNu2RgNXJhjw7mBJLw==" ], "/hlOG6wgqZ0r/gMNh7kyZQ==": [ "COtHtAUMk7T3/UH/P0P8Bg==", "QwCNWThma/kKdhYxvbKjGQ==", "w+2jX+j+SJAeE1GKFrFFUg==", "nqU9dNTDJgnF1kHabSdMNw==", "ZvX4VR3jvMBd1Wq+RxNTgg==", "BJ3b2nevq6iK1UCd/7G48A==", "ay8SZz7e5oUxSq/eln9epA==", "UBjIgC7Uc/Jv2H/pnNmGgQ==", "k4h1ljDFG4vbtDcBj51PfQ==" ], "/nOgP+HpRWzSY9fEcmr6JQ==": [ "zZQCP3BDcenpzAWN8Bg79Q==", "I/ciDFfxIabKbBVHg7M38w==", "8I2jFG8JRR+6+eqqYlXhAg==", "1zVZTSVjPMhgdBYrxkWAlw==" ], "2k8BSFOOZ2ndA++n5wl4TA==": [ "7NwS166PaZGi7M67yM58Gw==", "RXbXUJmL/Bm70R9lVz2Aqw==", "KY9BKlq4Gj8NzFJAjVvZ0Q==", "Q/ySAojdxPRpKKA3fdxcjw==", "n57uH3fsX2arO0SuWUsJhg==", "aVK7ciiDea8theCZAMJkqQ==", "hTubippsZ0CGktd0YrC9Iw==", "+XQB7XrU7erMfJQg1chJSw==", "lMO/fWY33YTgxeTQS9ahOQ==", "havwgv5z7TxcCEPKPQ7K9Q==", "mdqYN2l1XmMgVsj/nxOlTg==", "weIqW9ibkn/dNwumqFNUvg==", "iYkhHLb5QUhydGOHhj7OoA==", "WbmUGgkmxoaGa9IhjWsUzA==", "fsOyUQZjzqQ9jgr0bJS+gA==", "DHL638g8uJ4meOJCV40ygw==", "zWeqFjoRJbI+pv0+S4dSMg==", "86OIQgkTOTkmF1pPpJdY2g==", "XhZ3hHjcK40DoUB+HlWOEg==", "ylAdCrQ5ZqBMajhFGdx86g==", "0HVDDj50URae9KMuitnGAQ==", "YRGOKGOFaSHJHQuJdCol5w==", "K9iroZkqL0rOnZwxxgg88A==", "baJCEw0uHdQWt5sQYv4JwQ==" ], "5Mcqv1rmwAoEs983fcq1cg==": [ "90371rURZTzvZV3upGEFLw==", "pTZOjhousl549buzLryOCA==", "B793JwKYVpka9SzQJ95f0A==", "pzCRDrenevX3EAToXcPQ0Q==", "HGutNBOBI3bGwUTGbCk+Dw==", "qFcfrE95F4Rd6nEojcwIgg==", "P/yYfuu6LspAl/8KG0/T1A==", "Q6ubSHX2vqKa7M5A8vw/1g==", "4st9LD+2++7vu0j406/Xrw==", "slNt5MUPoZUlUUPr/YisNg==", "JIDV1pvncNzhtgdgLparmg==", "gVESKEIZBaB5Ell+PC1whQ==", "kk1lCt4kV+DgvM5q8b7new==", "mTRhXv2RRRE1V99LYYJaQQ==", "lkpy3aG6JVPgJ/H4gsHLxg==", "sKvmLJjqOdEEFy6WYjsmNQ==", "do9QkBm4gctUE+HcvuyHiQ==", "w5YNvLTjQMuWnv2ujLws1g==", "u6A/CFM93ZkYJVLWdcSARg==", "FCW5vXKA2+ORD2+pWU1nlg==", "mzH5InrtX2D7A+1HPD0Ipg==", "ZDI3BbfBdOVsLpV2RldMaA==", "81J+T1001q2+nKUZzY+w+Q==", "ey8J9hZfodcj21DYLkBN5Q==" ], "6Tp9WGakxVaQJ9rGhrsxpw==": [ "Bhp1hmpBG//cJMEH3DeGGQ==", "9+MWAgJGmCbODfE2C76Gqg==", "zF8HhCrapUcFsur5Zlm4iA==", "ZAEbqGvurMVFPbaWIUuMsQ==", "vc4u+Qr6h02g9HVH5yVCIw==", "PbWuhLHE6IKdaBWnoaZt3w==", "vZmGRLHy3p0AEiSLAMSdrA==", "P9K/j8TJJcZmCd+6z/HUnQ==", "bCmMOQnPYWaCVArfmlcGNA==", "gcwLQ0nzcXGeX+WVj5zBaA==" ], "6dlkQEp2PtZPvC6f+1oBaA==": [ "8j1slAUDk5hMt1Yun3UG9w==", "Ea8F2bdzmo0QmE5VcHagUQ==" ], "6mY62Fou7cJqqLJXm9hzXg==": [ "W/d4trZ7jb2yxjrq4cNOWA==", "yuFlxOGqQlDuMCywIIELNw==", "lHXxq+uu8bqjCiNYJSLThw==" ], "8vRmB+Moiz+Kt6edi4cSYw==": [ "OWjo5jp0o/r2whDDnWp0vw==", "kXU0r9dog4PIJG+D3RoOMg==" ], "9CuK4fRE5gzOSWH5fqWZJw==": [ "CXmq6PlgBV6WEbOmhzfuVg==", "fbasw5HIvtLhMJi0PCBjEA==", "ABgR53RGqC9VvQwdxY9Jpg==", "x7UVxc9fjdM7vNUVwudQGw==", "4DMC2rzmr/0uqLP6PpG7JQ==", "rTYZAVwsyQs0wlBQwNVCvw==", "8ZxbhBIT+9Mj99/XbMpLSQ==", "5B1tQ2BK8z/YjRkYcvwqag==", "YxArgGZ2k3AOfJkjsHVAEg==", "uxd8tIEkk+r2hWTEgvyv8w==", "fotaIKpz80a9St4ZCdXtGg==", "p+MFXsGF7YbCXGsNdOy5gg==", "Xa22jaVc91z8CL55umm+fA==", "nNkfCouC7eKdpQ16WKRlmw==", "Dn8FqzmeTA8CSJ0ia2P9gg==" ], "9c4B7Edcs6gS7zy4kBT4Jw==": [ "4/mftydHpy90Umw3G0mTuQ==", "8Sec+JvKiQWGqYCOBdZhjg==", "ewHp/5RPgtChNiB8fQaApQ==", "YC3QWljAM10wnWDHV9my8w==", "V3pl8W8hmQWZZasRgG5a8w==", "aW0iaUuIHg86jDWhWtL7pQ==", "YiJlkUTKf0/7+ORZMmQ2cw==", "dUct0H4Fen89ZeNxqRrDMg==", "Q56kx76uLWIhLRNIyon0jg==", "EQ4eP3gKo3y8JsWUiWr6+g==", "AE8Cp1u8I9t52OYW7oGU4w==", "oi+xJA0boxRY5yWPOBsJFw==" ], "BPD4nm0V1xem9/HmmAnFiA==": [ "z/wClzhcU+IxlG8lX3F3aQ==" ], "BrxW5JNpEdvbkoGRXbVirw==": [ "gqNlp+zMbwHq1FhCyd5krQ==", "rkTtYvrd12uyxklXyGzF1A==", "KrdA+ZSJ60jp3zLcReaBRQ==", "B3GLjxsk0fvju/+IzG5Prg==", "yvPadVM0tnN/2SPeW4dXXg==", "2ys6ySRPV45jjaqKiRi8NQ==", "BUzSiF4P8l2fba8+4vytIw==", "HsgdR+ZUz/buofS6xN/cdA==", "8TFgFlUtgZLpn2Ire1885g==", "0nxqdWkEMqTJy8A94osl3w==" ], "Bt7v/jLkw1CWEjQhzP+6Ew==": [ "arc3e7T1PhjZvuuztkD40g==" ], "Ce3Eu6RmZkiUW2to8Kec/w==": [ "eqoqeJN8gMUINJLH2PXP7g==", "ILRkBDacA/Hq8lS4vwmUQw==", "Fcnpx41i8off67HnLCjD6g==", "bG/xFPRLORcdoTEuIWFoCA==", "oyfakLKwkgiQvoEuhk9VTA==" ], "DDTkLjNbJ/V2uz310z/fuw==": [ "5t439uCeC/gu1OEWWSlheA==" ], "DS3vpAOaY4vfiIx/udLZRg==": [ "Zp9+pixFuNBueE2yO610gQ==", "PIMpTa5HiWLhah5sbziU7w==" ], "DYJh4BkqJxquwUlC97bMfg==": [ "L7QbkTbsy8v3tMfOqNsVKQ==", "+nHq7dak7Hkjcru/xpwzhQ==", "u3Av8Eh05ctMA0eswLGL/w==", "M6D+VTRNXixbmL/0yy1a9w==", "VPXnnF64iZiXGI8n3FF+lw==", "T2QS67+g6RntDqSjp2teiw==" ], "DmuZx55zNhnDgvsTT5yVYw==": [ "SXl2Y2LOY3/aFmsbDvIpow==", "jHi92E7/EboO54Bh8cBB2w==", "g5LZdgQezHXnQfGOzFdKXw==" ], "FdB9K1+1CEpzAW4zwkaAGw==": [ "eTtgQuxLR2tdfiRwFY3Gjw==", "FKQTXMln7RVZ8Bvso0uw+g==", "A1bqcvx0EeeUlRO5lHUXHg==", "Ng5iiCGmoHR+swxooAJCqw==", "Z2gVqii6wCj6i+vSsYJAfQ==", "zWi69uXT/KgXGfthGpnrmQ==", "Ci/HAvcdDokxp0qRBpn32g==", "WuM9uW74v8oBxx5G+PnIsQ==", "RRAwCyx+5LRa0hJdjcXk3Q==", "1UGfcYGDEJl3LBntORtAkg==", "qsYFMtlQAD9SM+IctGJ47A==", "oZ2HBP+W/SPEpO39t0rk9Q==", "VRA9wsSKTemeKWRMUOSQ8A==", "eIxHveLHtbaG2Gvw5MNLGw==", "jJZxGEs6W0UoNszCBT+BbA==", "/DAGRW0SjCjrhjUqgqTmZg==", "pjb5LKdJAfqIzj4N6YBwUQ==", "fayrPya6DVXP9weWvA6obQ==", "qXNASosSuCsudML1MqXPjw==" ], "HDZVD0RFqjZqw94CAmDsAg==": [ "8rxYDEPu2XxazQ3cBUhX0Q==", "UMD4nV1Ky5C5eKUMgtnKzw==", "9uK7ZDYgFtqP786n0QunAg==", "y9xJ6GbX8SdCqjqBWcAKTQ==" ], "HkH7JOZ7zVk8ggpmKHnMxg==": [ "tYrHMwJR2+IKZNZqejG6CA==", "Ovba/OJi1hooRYrIRm6vew==", "4ujx/9tWXnLXiaQL8hGPMg==", "uhcEFlQ5Y56RqwkffBPaug==", "92hwasOdRT3Qwtdx3+Ymjg==", "c3EBqCsce61MGNOLAQRoFQ==" ], "Hr1TetfTnCbToWK+Q1/NLw==": [ "XNkilQLowK7fFFcGXGXo0g==", "1V7EAEuZ5HF3GMIH1SqKVQ==", "rlIHPdC3n0HQJVXto2MqUA==", "7MunWMtYjSZc7Cw7Vl1WRw==", "vSafoZvPBi4XyWwytyKmoQ==", "PGr9ZlGaUfSfWBK3qA3UAg==" ], "IViyNgpFkLysfz2oNJCQ6A==": [ "L7QbkTbsy8v3tMfOqNsVKQ==", "+nHq7dak7Hkjcru/xpwzhQ==", "FzMHDyPt7UleDzkFzsCMrg==", "krjhsgVS6cWh58tlL6ugfg==", "ow8EEGUia8t2W6ehFm2Q1g==", "HfZUhYy0Js3tgtxy1156zQ==" ], "IdaeQutkPjfv4bTMEkXWog==": [ "fXpWtuXNPi3tb2edhk37bw==", "t4oe6DBPNf5Ikk93RfTdig==", "8pGyaLRS1vu6mt0ZaJAg1w==" ], "KEv35rCgD9zHEYNaQPCB6A==": [ "Y5NtVIgOo2LjjySOhtpqgA==", "a6WklDYhYXKGRIopjXMKuw==", "psa6YFVRa1f9Bbg0ykPQdw==" ], "N1RbIRo2SyHosQefv+skDw==": [ "UbmdE2pHXRFccv8l1e02Jw==" ], "PQXz0EQWi7hqoFdjFxre5A==": [ "t/5P2v7l5Us6uU/TayuL5g==", "t/5P2v7l5Us6uU/TayuL5g==" ], "QHV4EMODNNJmbNjIaJf1bg==": [ "4hlQKWgASyO3lo2fByu3Lg==", "oH9GUrUZwnTD/B7HZXwX7A==", "3ukaS4wFZw3C98uakRKpLA==", "rhOFh4qnddtkLBAFz7YOLQ==", "fKt72w71goWuZiVh+wHa+g==", "nxs3JIcLL2Mv7o8/51F1dw==", "D9+NOlBi6FX8NJhT8oVHcA==", "34jKZUtQbaN/dKiP+pyimg==", "lbwTAHoHLyYT3AIO+M7x0A==", "hmeqTWiD2AyHreDwAk5zEA==", "XHx6qufkdiNQ4ThOPaZ7Cg==" ], "Sg7WHD/cpWdFZ7MyPqITSQ==": [ "aXKVm7Dm+JnzHeNplsbXnA==" ], "WrV+rIJLRk8b24xMew9Hkg==": [ "r4EeKQ1+HUg4G/JeyALXtw==", "McSXqVuR6tGJf6vkcFREXg==" ], "XKq3fjedO7d4LSKzSLDcMw==": [ "wJ2K5RC6GNcF23yWwo/ClQ==", "v9s+wrjqS8T+Gv13ICb/hw==", "o9iOw4os3AQQsV1P6JYQ/g==", "Ktk5hZEExnBrqnvP5TBq8A==", "WxJXyAPAm0twg0Sa6CraCQ==", "SuqeYfq0DU93PPLhMlcfdA==", "m04qKG8oaclOoLS97g+q9g==", "6d8PbxNCvsQ81JDCp+EclQ==", "pZcxvsmHDYPkwMOvqmwKtg==", "nXdrTPYJyewaIZB9ybDqoQ==", "ZlXiwfrkwH4AKEF9SpVZyA==", "+vMXtJSeK8g1RwnD/+b+4w==", "gnPnOLbj2/V0jyJHgTPljA==", "0lVKuiEWrTiY4i1yVwl4aQ==", "dTu/y4C8jFna4JvXmym/NQ==", "rv7NKQvuSB9aCiT0itP3Wg==", "JNUrKI0zZxKRrBrBzoBLMQ==", "1djukiGPRxtxIDYdWA6nAA==", "zmFkHbEK+8lW7TKeZffkmQ==", "q8IV0OaGJOcT9aOsTlo4ZA==", "rstjr9tgTpXg6LEasctgFg==", "eNwsUNYw4TmBGCsePQ1C+w==", "UDs3SEk5W11f8Zr4c1P89w==", "bo89sJ5bpNwiYs1HKmEhew==" ], "XRQoUUwhqBcAJ1b8F4oXFg==": [ "HKS2QL87HxGZ+kNv9Ohv6A==", "i9gRgWelYzL7dgZUCFlj5Q==", "POH6436D/7P69Z7CXk+4qw==" ], "ZRpVwDgK9rS2HJv/RQ5Gkg==": [ "dP3lH6efxI+rDx/3sfqhTQ==", "ZSIgoENQ6JuxP4rnSyyi7Q==", "Lr7APYpoHx1Gcopp0lkBGQ==", "K/SChMPcKirzzgJ/2H3Snw==", "GwvwH1WAYCMvkkUHPbMGGQ==" ], "a/C1LgCuivE/bMfk0e2Ybw==": [ "L7QbkTbsy8v3tMfOqNsVKQ==", "+nHq7dak7Hkjcru/xpwzhQ==", "Q3YvGJDHhCOVdPl8wlbQiQ==", "8RhiWuvrta/hRaUfUrb/oA==", "6DLPak8GAuUaNtzh3oep9g==", "breeo2G1CL/f9vP/mBuGqg==" ], "aTfPDP7oJqFwbwjiDbCnWA==": [ "IEMHgBMw35D4hXSAa095xA==" ], "aaqgZLnMiT6K6puliSe4vA==": [ "6FP4s8wPa+Gv4e3xITF6rw==", "cLjtH8DMGP9rRcR7G0FwXQ==", "syQN6IkMqEQ4cR81UqeD/Q==", "Dl5IWlE36LXQNZFom7AfiA==", "yLGlMtmirdDmLVSq1jBtQg==", "3IgZDz5UYkhu/U1/4kSWKg==", "/1CYFiexnJcM7p4YrI/FVg==", "xRcsZnz/pmqPPqPZYbHnNQ==", "SwDBo0PcPcpx9Kg8cJhiMg==", "K6uaVwUZHszfGhRWXdtyLw==", "7SBwpQIypClesqN48zBoOA==", "cgK5G78up7raRd8LrOZKNw==" ], "bcw2EOFjnx1wB4M400Jpew==": [ "fvGjL9hw9hDQockMTb7lrA==", "u7+HgSa7TeEER7vqZGcD4Q==", "gwgU9MEYef7tGC9huNJmjA==", "a2WzG6eILX6PH58wZxT/eg==", "XEpNbYE8baSeNQKfAWr65g==", "rIqJL7bel29V0hJFbPUZ9w==", "/s1EALuKQUNsL6wI6P+L3Q==", "ZINV7lyZu9XBwDcnEkkOmQ==", "rqTdCy5ddJKSpbo9WfySBw==", "CDirM24yx1UPPl5o027PMw==", "3Tb/2rNonPAx7JWdUUQ8oA==", "ERrMXj3isUPJ9ur1x/Fxqg==", "Iw/8/Ghx1xANXejV7+z8Zg==" ], "bfF0cEWD49u6W/lExfuSww==": [ "JULVy5wy3sW0IxhRCyvLzw==", "5WmkIXghmpKM9Lig9VrOxA==", "pA/gdUqtBf9C33OwLzVwUA==", "gY0X2Ivz08MuFcbtUAjw4Q==", "xD7WW9qKNrtcrs3Uqmjqag==", "8MEAnOTOISpJSkWi6WPfVw==", "/zeNBSs/BEl2xiceiql1Bg==", "3wyODHpRAzZnhOjhnPd7/Q==", "0nBHTK879DllWAKX/qnDtQ==", "x/dH4LPb4xyx3VuIAD7n6A==", "jHXrqfXFS2613cOsnAbbPQ==", "/WwwNIXu3P/Dl6bU2HZW1Q==", "6FQUI3OxX4C5skWXKgq80Q==", "gagftKXuSuh9pi4dRu9yPQ==", "gZak1oPB4mrHNgIOnZCrjg==", "86unVXyTxdffdcXWZTYw5g==", "UPzTyNn8ZLXlb+bwRFPPTA==", "QUtTYJuHdkAOgtveagWUfA==", "PcNbuWOo0ahqjfbOQhXvvQ==", "QcOTYeOedG0AUhPSakMpIA==", "rVgBV65FWtFg3jitEqotFA==" ], "dFKSSJF5WrKg9VsNZqM98g==": [ "HTk+AAyRWNCrZTtBLx34Aw==", "FJHSWZFQM9fVMQc3QtVQPw==" ], "eFLULNLLXzpYwmFsV83Z2A==": [ "w9b2nNIUI4FuM87xznV0Pw==", "Mz0ngyR6Id7iin7uAxNAYw==", "hppUsF0legX7lWORapWe7g==", "C+M5Fz7OtMa7mj9LZ6bxFw==", "QI6uWM4Qbaobf2jl8ezerw==", "NP+ftgAXKAxtqkDd2/nZ5Q==", "n62NQEoNh2KDuo0RjqDKag==", "aN5J80ZvkGBs2zb1EoCKAw==", "LSK/jpdA0my/0ITmRM7LRw==", "TxXyqwdsm1MLIWkwCwrl4g==", "n9TO3YkOGkrwZ3JXQbe6GQ==", "dhMoh9p3gbOIA7u0sGqGCQ==", "n+B8KykobCXAQ94pMr3HEQ==", "lJBDe4u1RTOYApw/wCGRBw==", "NiJEOu5Kjh3lsQlrV/cvxw==", "twcXZqY7vb9SGK+fuP/vNg==", "y5V4wHQ+FEdoq8IR6nEOWw==", "cCowLuOsLfTMmPFOoqUVww==", "mRazAXjBcgFrTolNDZHDsA==", "ozOABrlbDimrNXKHKTm4PQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "+aBBge+GaHuGkuNbilZwZQ==", "/tIO7UvmYpD2rJg34Sr/Lw==", "RVCidRUm4D1IKoPhoUi2AA==", "x/E/17qfxsUFUEyIuvFneg==", "3F5EkAY1orHwJiew6BsDzw==", "58CqV1nF0B/Z3xZFLRisig==", "aIssfXhXh+O9Q6gT9fzA4Q==", "fExn+ODrunWOcAM6sOMY2Q==", "wQ52als+baxxZM+7SgfcwQ==", "ORwe+kzFJjOOvg2V1zLttQ==", "+eLe6KFr85wO6TEnOPTz9g==", "DKe3Snv9XIl2dqqQ4ty0VA==", "3BwRA41Fvwd3QICFweyUXA==", "OPy7Fiduw9KEpo8dGN9jJg==", "LvY+0b8eLd3sz+9w+e48OA==", "w7f0WrYy5nUAdHu0TDShKA==", "Fppidu+wYiM99PLiUOgZWg==", "AwJQXoUVWSbzJ5znc4qglQ==", "C+0ShvpHz/LJ1gnkur/F4g==", "w6E5UFnu0txj9rXqXxF7nw==", "18jvRt70rCwvPLdZK5IZgQ==", "wzSMb7x9w2ctbLI2gJ4ZQw==", "vUS/kXBrIAVJCcEVLBHidA==", "0Nqx1PYel2XQJNYhgqQ78A==" ], "eiOy5bizxjO/psTcJ5Gh+g==": [ "wa+sXhxdBo4Y1JRm4G8Fqw==", "8rKA8ZJ1GNONmSHAKpnyGA==" ], "ev1iPKY2UXha+ggKYJjsaQ==": [ "ubvC+5devxtiT2b9I8XPgw==", "gO6zvBRDTB4rta0/41e1gQ==", "JSaaaompsbKsRPOGmqWlSg==", "7p+Ta4Uy+VyMwzbCK/ZUSA==", "EiJx6rOT8KoLX+Wu7/N6HQ==", "G7IyfoPhe9f8QzIGbOfn7Q==", "KGXy4/PIqmqxgmdGe+CSOw==", "lt63SpZsP/G28WfMx2j4zg==", "TLOrmSYL76Du+GI4WD9gMQ==", "dKTnwBWQXrodDyq0efE+iA==", "c7NVXfTsTMVF7aSpsUVoAg==", "R+cOeg14k7ddoOulV2YJPw==", "MBtl9rP7D2DY8aZOJ0U4Qw==", "AtxldZcGaOo56ns2r72+MQ==", "AtFl3bqWHcHaJ9RHQ9OsXA==", "yLcc+OCTtFZEBFHR2T/Nnw==", "tui4wg/rbptEhoXd4jTiWQ==", "+aqImWW/63FSOH4OqNJDeQ==", "cXcVRNX0Kbtuz9UuQfmUNw==", "wKWD/Dk1JsWuC3NsOz8lLQ==", "I2Zt9YsHD1yGZzClxwi8Nw==", "WiBQj7XHKIGrrTQyNBrWmg==", "OeTADeRVaMhDk1Akna9xlA==", "Wtvn0xgob97WvcM7EjfmXA==", "ouSt6xtRrHEbNlGnYNC0Uw==", "P3bwFhcjgNE4VGXZoiVmRA==", "OpCld6iRicihruOWfDVl/A==", "j1B9rh6x/Shr00583Fm/gg==", "42hcSK6smfuaC5vG4Ott/Q==", "k6yDpahkU2/ZfGq/aUK2dw==", "6jCz/VrJ23VzfnqT5f5Srw==", "YU7Z5U1vIuzhiGVwvleZtA==", "9t+uB2Um3fkCqmFx87TgCA==" ], "gHqedlJKvlfFUaKLCsSx5w==": [ "SGu58h9I4IKw+IX4J/uwTg==", "3XJRJsGvjXpvkosCndVfHg==", "xALSv+x7XKVD+0EFfpq9Qw==", "f+mifhQGaTax4VvJBSCSpg==", "w9jXbkPTbBxSV8aWLxzn/w==", "v252Lhr64CaOMO2x3IgBkQ==", "WtNX+KKJMTA5E13Wj9WuMA==", "p6VWIonYblKaG3Rwgi8WZg==", "rQWkLJMiGYoTQoc430zUmQ==", "j8YmUSbHLORXj+i5Mtknvw==", "0/ObkWWwIgSVwxLb9J6Mzw==", "2CM3BoMvZg9NWZfYqarGHA==", "VxnhJhcJDibHkRcU/osXDw==", "5ua2nLPHKNwa9EoB2ADuiQ==", "BLUjU87+rjkM4Sizx1Jxvw==", "PWIiCvSZS6iRuLgswRF8CQ==", "YN57CFin8wJMUdySgEbDDg==", "cCowLuOsLfTMmPFOoqUVww==", "mRazAXjBcgFrTolNDZHDsA==", "ozOABrlbDimrNXKHKTm4PQ==", "HKrLnQyTw1292mNt3MQ0aQ==", "+aBBge+GaHuGkuNbilZwZQ==", "/tIO7UvmYpD2rJg34Sr/Lw==", "RVCidRUm4D1IKoPhoUi2AA==", "x/E/17qfxsUFUEyIuvFneg==", "3F5EkAY1orHwJiew6BsDzw==", "58CqV1nF0B/Z3xZFLRisig==", "aIssfXhXh+O9Q6gT9fzA4Q==", "tim7JKWFrDoMpe+VOdRp6g==", "GnTTW6G1l3dAlgCF3plXLg==", "Wsu5UzNfQFqjm4dwWxgPNA==", "Tmms/OdMfFhomdNX8yeqdg==", "i2VJiQc09WdLRrYlgROY4g==", "3hFva6CKHYz84/DAAl4vYQ==", "m1XLddmNhywlmwx0uiasAA==", "pfL9lFH8EnDQ1pcBADCdlw==", "XIOkhF/HGo7NDscxxXolRw==", "02y47AktmLpSs7TyV8lCmA==", "MFPnXhqi7R/vWR8Pbt8PiA==", "QUke6jnbLM13V2/ms9s8pw==", "8rlUwwauzNJj5fxec9mB0w==", "um++s3UKODBEKMJePUzR0Q==", "qmXzoDBk0VHG0o+XlDk32Q==", "f07gzc6bhMznO+y2blff4w==", "NJcot/jXTfghKCED4k3bTw==" ], "gm9BPVKEWWFxtqQJPXyfHQ==": [ "66v0aqTJ+rWKKSw9QM/UiQ==", "/XMnxvMOAeDdGbdjLczh/Q==", "g5LZdgQezHXnQfGOzFdKXw==" ], "hqd/9D+OkW729P80H901pQ==": [ "28aE+mt81+7B1o+xQFCVdg==" ], "jMyXitPOUCEtLfcUNdw6Zg==": [ "cmqla8jisnjS+p+DA0529w==" ], "jYaqI4DO/pU8eppVudGvPg==": [ "L7QbkTbsy8v3tMfOqNsVKQ==", "+nHq7dak7Hkjcru/xpwzhQ==", "VLmOwtIBlSQardViyo7ZpA==", "FBpZBP7e7f2BzSjJ+ifgBQ==", "DxJuN04StbTZ4XMcl6OLtA==", "aoTbGkTpK3FwA+kn6HQBnw==" ], "k4gCNgIfg7MM/e42ThRx2w==": [ "n83jaRl/T6kiaoMyWtX8xw==", "AZQ9MHTiNLYiRU7sYZlVGw==" ], "kjVZfo8JzLBxs/TQW7gjCA==": [ "IBwplA8saI0ZfUheNf3v8w==", "5tDBtQtoQdaGURIXIcUT2Q==", "+YxXQhrTILcT9YhxMK+sgQ==", "ICMgLhb2hrTu4aoZgv4OJg==", "sJ/+AGrenHKChVgEt+/oCg==", "t+FG7sGtFQWvNo6i1WzJzQ==", "q1zmuMA/fP0Sm4aw9tougg==", "wV05ATqBSzZ6GJceR8XF1w==" ], "o4tvrO4Cuc2PXep4Fk53sA==": [ "O6eQrDqYe8zCvECWFMIzFQ==", "MRnBR1NwPejsF0F/Po53Ew==" ], "oJIAHlP0pGe97iAzAFF0xA==": [ "pjb5LKdJAfqIzj4N6YBwUQ==", "fayrPya6DVXP9weWvA6obQ==", "qXNASosSuCsudML1MqXPjw==", "4e7QYgIO+xMWFH4OQ4f9yA==", "f0km1zTP88JT7aYTZ7d8MQ==", "PTH7algJJJWUW4L+g1tpBQ==", "Pjzsw6+ClTH3tDntlo5n9g==", "t+GPN31gTFWovU+9KQM3nA==", "POFuUisVoRmRJc/rUQ6M1w==", "5+JKWQiYpMfyZXzO0HebRQ==", "PIAhpDt1N9HfzNKvp6fi/w==", "wuCwRzfq5pG4m/kBjeuhHA==", "B8ElLRneqJ2ZPPQyvG1LJA==", "pnUVH8OADSjjKoMer3rokQ==", "ttiQ8Ne17O8KN24UqGvbeA==", "5oBb42rSFxsRbGLiglvWag==", "c9IP9u5A7MOStA19b+RjKw==", "jt0t59uqf5Ysdznl6XSAXA==", "xUVvBnCMD32GQ2LYOKWw0A==" ], "p75sU/+cD5K1Jv37jjSsxQ==": [ "a6VkbY6DpPyOiIT3w0aLQA==", "1cFZ9bO4226NywOWSEqpqA==", "qefz9HpCEPJ3lvjIha2k3Q==", "7C9fLvYVRJxFBN4CqCvk0A==", "BWBAL8HBA2f4WVVXqszTNw==", "G6QnC6Ht4tbSnRDjV4i1vA==", "rEg00U8+//igCt+0+QBUhA==", "S7qx7a03HASsJhyQafvXjg==", "avCxxosOVggwZGQXgntvFQ==", "UkRzJIq1dpEpe+pCeDMBWQ==", "73+OfODwepfBuK+I3748Fg==", "YlNwNNYhMhxVXKAMARrRXA==" ], "pKEOaN2eCFIneHzHE7HYug==": [ "kl+nHl+uiNLzyLIPmJZ+2A==", "1cFZ9bO4226NywOWSEqpqA==", "qefz9HpCEPJ3lvjIha2k3Q==", "7C9fLvYVRJxFBN4CqCvk0A==", "BWBAL8HBA2f4WVVXqszTNw==", "G6QnC6Ht4tbSnRDjV4i1vA==", "rEg00U8+//igCt+0+QBUhA==", "S7qx7a03HASsJhyQafvXjg==", "avCxxosOVggwZGQXgntvFQ==", "UkRzJIq1dpEpe+pCeDMBWQ==", "73+OfODwepfBuK+I3748Fg==", "YlNwNNYhMhxVXKAMARrRXA==" ], "riulbh7DNxLvW7j4IHJ1VA==": [ "A0OZcibIaJ/I+PqV8GXB3w==", "wquj2vV0Nf1IoXVgBObYRA==" ], "roJZvIVMt4WjSq7FlFoG3A==": [ "L7QbkTbsy8v3tMfOqNsVKQ==", "+nHq7dak7Hkjcru/xpwzhQ==", "b6nJlqhDXyHanx5z6KpLBA==", "lztZZhM8DKOpSD1UaKxSYA==", "A1IysEc49jGXChmC+5b76A==", "xoFUsA33ah+6MWsXR1DIaw==" ], "rrdnE/YLwpAII45HQiOssw==": [ "vbb3B2HEkh68zKtbOGgyMQ==", "5TopTOe34y/XKYSNpb8vxA==", "Kgb0OXb48Qy0VFaP/ozc+A==", "eOlvg4lqTz3Su6Gyzrf9Ag==", "ETRAxjVLst09hXUl8FldTw==", "OzJkO78MmDzePTWx0sg2IA==", "jqhqk8o/+99KqV26DBZ2OQ==", "EZ4/6xWzQBrHyWAxzOqWog==", "5x/ItUQpMkFxxiO3pm1+iw==", "oP30Ow5/EeXOCXP35T9fnw==" ], "sm5sCuXecubhzEqZduLhHA==": [ "Os1DfO8E456l/6+3keFvqA==", "O0MX0fzniEDC/IINFuoyRw==", "1BhMfisX7wncejaTurfMmg==", "xj8C0jhrXC6kG1IMTlx5Dg==", "DwHVu3OgkuXRIoJ6gZPduA==", "a067YUjLHWzR99JNl/RtGQ==", "BooDzA4nzaDI1l3E5zAHgg==", "H2CablNBrQ/I5AsUjk5xyw==" ], "tD550emtLUl2wRNyHrPi+w==": [ "icj6a8bc4dYK/DJNvkU0+A==", "yuxIsmGjsa0YFWxCXfxBcA==" ], "uC7d+TJ+SSl/a1e/alHSPg==": [ "p3B5sSxUcI3sJIaO9T4OXA==" ], "ucwDNO54HBA/m5Prl5y8uA==": [ "lXomMj4ef+u4GYISqoXJSA==", "thvY3u/qMHVY/oLiaxhgKA==", "S8oZoEhPJlWCS9nYpiuEUA==", "6oX8p1ex/KW78EOzlmbqsg==" ], "vQtjn4H9BmPSTQWBlhOhfQ==": [ "xLIujTim86EomaRofe4tDg==", "2tfVYVMnFMIJmwmpg1zYLQ==", "EiL50P2QSOoRA18XAAH6Pg==", "4cg1PtftAG9rbhLnCiy8GA==", "KaROgE0QmtiOixMG9Wi1RA==", "t4ytVDYYObtk+u0551GNTA==", "jguV9kU5iHC5V/cF3+b/tg==", "EKs36DFwHVCzU/cF0Be9pQ==", "y0jGDIVZc312BivjXNg1yg==", "TDGtAfBIT1unQk7mFjNXQQ==", "zQPbdPTLszV8VKIt5+3Weg==" ], "yrF61rYEIIm8W+nUWOL4pw==": [ "Rl8J9fWIWNsl1xi+9L/boQ==", "eEIOPn4/BUr8ja4EtI6IHQ==", "3UJthWOIpt1HgtQQKRlRqg==", "ZCt0yW434CaDOfVm9geRKw==", "+Df9kg8EJvjq71n3LXbaeQ==", "qiLMPDa5d6eufHsmVcJ13A==", "oJevmh6JId18tKfcAvK//Q==", "A1D09TCsbOQVpq/+8WoQbg==", "zm9S9CFdip1s25g9TUWF5w==", "kYYDrncBncmKkmFnSd5t3w==", "MbIP6skTvSICAjVnxuqoIg==", "IJS3b296QT7Z41aaGzQcDg==", "w5jdWkfHYKLuNhYijn7NcQ==", "yY0Pdupngyp6vGfDBB9k+g==", "efY13QnKfvccAqcHDbXHGg==", "i5aQNmtFwY4Id/H1OcQ2Cw==", "h9JXqFcXq7vA+7yXIEuGfQ==" ], "z4fnEFpWc1E2kVtgPcyZxA==": [ "PjCYGvBMu8wy3qqxRUwngA==", "ZSIgoENQ6JuxP4rnSyyi7Q==", "Lr7APYpoHx1Gcopp0lkBGQ==", "K/SChMPcKirzzgJ/2H3Snw==", "IQWSy6l9QPBAEUX4RIP13A==" ] }, "enrichments": { "message/vnd.clair.map.vulnerability; enricher=clair.cvss schema=https://csrc.nist.gov/schema/nvd/feed/1.1/cvss-v3.x.json": [ { "+Df9kg8EJvjq71n3LXbaeQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "+YxXQhrTILcT9YhxMK+sgQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "+eLe6KFr85wO6TEnOPTz9g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "+nHq7dak7Hkjcru/xpwzhQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "/1CYFiexnJcM7p4YrI/FVg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH" } ], "/DAGRW0SjCjrhjUqgqTmZg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "/XMnxvMOAeDdGbdjLczh/Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "/zeNBSs/BEl2xiceiql1Bg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "0/ObkWWwIgSVwxLb9J6Mzw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "02y47AktmLpSs7TyV8lCmA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "0HVDDj50URae9KMuitnGAQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "0Nqx1PYel2XQJNYhgqQ78A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "0hx3AeRTki0QKu49u2uI9A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "0lVKuiEWrTiY4i1yVwl4aQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "0nBHTK879DllWAKX/qnDtQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "0nxqdWkEMqTJy8A94osl3w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "1BhMfisX7wncejaTurfMmg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "1UGfcYGDEJl3LBntORtAkg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "1V7EAEuZ5HF3GMIH1SqKVQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "21JEFP/1qdwwKuIXlNd6Og==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "28aE+mt81+7B1o+xQFCVdg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "2CM3BoMvZg9NWZfYqarGHA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH" } ], "2ys6ySRPV45jjaqKiRi8NQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "3BwRA41Fvwd3QICFweyUXA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "3IgZDz5UYkhu/U1/4kSWKg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW" } ], "3Tb/2rNonPAx7JWdUUQ8oA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "3UJthWOIpt1HgtQQKRlRqg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "3hFva6CKHYz84/DAAl4vYQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "3ukaS4wFZw3C98uakRKpLA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "3wyODHpRAzZnhOjhnPd7/Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "4/mftydHpy90Umw3G0mTuQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "42hcSK6smfuaC5vG4Ott/Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "4DMC2rzmr/0uqLP6PpG7JQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "4e7QYgIO+xMWFH4OQ4f9yA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "4hlQKWgASyO3lo2fByu3Lg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "4st9LD+2++7vu0j406/Xrw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "4ujx/9tWXnLXiaQL8hGPMg==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM" } ], "5+JKWQiYpMfyZXzO0HebRQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "5B1tQ2BK8z/YjRkYcvwqag==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "5TopTOe34y/XKYSNpb8vxA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "5WmkIXghmpKM9Lig9VrOxA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "5oBb42rSFxsRbGLiglvWag==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "5t439uCeC/gu1OEWWSlheA==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "5x/ItUQpMkFxxiO3pm1+iw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "6DLPak8GAuUaNtzh3oep9g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "6FP4s8wPa+Gv4e3xITF6rw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "6FQUI3OxX4C5skWXKgq80Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "6jCz/VrJ23VzfnqT5f5Srw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "6miXGlAYo7AcRZhS83AtIQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "6oX8p1ex/KW78EOzlmbqsg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "73+OfODwepfBuK+I3748Fg==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "7C9fLvYVRJxFBN4CqCvk0A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "7MunWMtYjSZc7Cw7Vl1WRw==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "7SBwpQIypClesqN48zBoOA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH" } ], "7p+Ta4Uy+VyMwzbCK/ZUSA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "86unVXyTxdffdcXWZTYw5g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "8I2jFG8JRR+6+eqqYlXhAg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "8MEAnOTOISpJSkWi6WPfVw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "8Sec+JvKiQWGqYCOBdZhjg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.9, "baseSeverity": "LOW" } ], "8TFgFlUtgZLpn2Ire1885g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "8ZxbhBIT+9Mj99/XbMpLSQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "8j1slAUDk5hMt1Yun3UG9w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "8pGyaLRS1vu6mt0ZaJAg1w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "8rKA8ZJ1GNONmSHAKpnyGA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "8rlUwwauzNJj5fxec9mB0w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "8rxYDEPu2XxazQ3cBUhX0Q==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "9+MWAgJGmCbODfE2C76Gqg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "92hwasOdRT3Qwtdx3+Ymjg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "9t+uB2Um3fkCqmFx87TgCA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "A1D09TCsbOQVpq/+8WoQbg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "A1IysEc49jGXChmC+5b76A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "A1bqcvx0EeeUlRO5lHUXHg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "ABgR53RGqC9VvQwdxY9Jpg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "AZQ9MHTiNLYiRU7sYZlVGw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "AtxldZcGaOo56ns2r72+MQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "AwJQXoUVWSbzJ5znc4qglQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "B3GLjxsk0fvju/+IzG5Prg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "B793JwKYVpka9SzQJ95f0A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "B8ElLRneqJ2ZPPQyvG1LJA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "BJ3b2nevq6iK1UCd/7G48A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "BUzSiF4P8l2fba8+4vytIw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "BWBAL8HBA2f4WVVXqszTNw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "BooDzA4nzaDI1l3E5zAHgg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "C+0ShvpHz/LJ1gnkur/F4g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH" } ], "C+M5Fz7OtMa7mj9LZ6bxFw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "COtHtAUMk7T3/UH/P0P8Bg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "CXmq6PlgBV6WEbOmhzfuVg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Ci/HAvcdDokxp0qRBpn32g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "D9+NOlBi6FX8NJhT8oVHcA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "DKe3Snv9XIl2dqqQ4ty0VA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "Dl5IWlE36LXQNZFom7AfiA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH" } ], "Dn8FqzmeTA8CSJ0ia2P9gg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "DwHVu3OgkuXRIoJ6gZPduA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "DxJuN04StbTZ4XMcl6OLtA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "EKs36DFwHVCzU/cF0Be9pQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "EQ4eP3gKo3y8JsWUiWr6+g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "ERrMXj3isUPJ9ur1x/Fxqg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "ETRAxjVLst09hXUl8FldTw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "EZ4/6xWzQBrHyWAxzOqWog==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "Ea8F2bdzmo0QmE5VcHagUQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "EiJx6rOT8KoLX+Wu7/N6HQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "EiL50P2QSOoRA18XAAH6Pg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "FJHSWZFQM9fVMQc3QtVQPw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "FKQTXMln7RVZ8Bvso0uw+g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "Fcnpx41i8off67HnLCjD6g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "Fppidu+wYiM99PLiUOgZWg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "G6QnC6Ht4tbSnRDjV4i1vA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "G7IyfoPhe9f8QzIGbOfn7Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "GC0PrHyRUgy0CoSA0ZEcAg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "GwvwH1WAYCMvkkUHPbMGGQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "H2CablNBrQ/I5AsUjk5xyw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "HKS2QL87HxGZ+kNv9Ohv6A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW" } ], "HKrLnQyTw1292mNt3MQ0aQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "HfZUhYy0Js3tgtxy1156zQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "HsgdR+ZUz/buofS6xN/cdA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "I2Zt9YsHD1yGZzClxwi8Nw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "IEMHgBMw35D4hXSAa095xA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "IJS3b296QT7Z41aaGzQcDg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "IQWSy6l9QPBAEUX4RIP13A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "J6V4je3mZjkDf/lc+6NV1Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "JSaaaompsbKsRPOGmqWlSg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "JULVy5wy3sW0IxhRCyvLzw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "K/SChMPcKirzzgJ/2H3Snw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "KGXy4/PIqmqxgmdGe+CSOw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 2.5, "baseSeverity": "LOW" } ], "KY9BKlq4Gj8NzFJAjVvZ0Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "KaROgE0QmtiOixMG9Wi1RA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Kgb0OXb48Qy0VFaP/ozc+A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "KrdA+ZSJ60jp3zLcReaBRQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "L7QbkTbsy8v3tMfOqNsVKQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "LSK/jpdA0my/0ITmRM7LRw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "Lr7APYpoHx1Gcopp0lkBGQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "LvY+0b8eLd3sz+9w+e48OA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "MBtl9rP7D2DY8aZOJ0U4Qw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "MFPnXhqi7R/vWR8Pbt8PiA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "MRnBR1NwPejsF0F/Po53Ew==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM" } ], "MbIP6skTvSICAjVnxuqoIg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "McSXqVuR6tGJf6vkcFREXg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "NJcot/jXTfghKCED4k3bTw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "NP+ftgAXKAxtqkDd2/nZ5Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Ng5iiCGmoHR+swxooAJCqw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "O0MX0fzniEDC/IINFuoyRw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "O6eQrDqYe8zCvECWFMIzFQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM" } ], "ORwe+kzFJjOOvg2V1zLttQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "OWjo5jp0o/r2whDDnWp0vw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "OeTADeRVaMhDk1Akna9xlA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "Os1DfO8E456l/6+3keFvqA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "Ovba/OJi1hooRYrIRm6vew==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "OzJkO78MmDzePTWx0sg2IA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "P3bwFhcjgNE4VGXZoiVmRA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "PGr9ZlGaUfSfWBK3qA3UAg==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM" } ], "PIMpTa5HiWLhah5sbziU7w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "POFuUisVoRmRJc/rUQ6M1w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "POH6436D/7P69Z7CXk+4qw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "PTH7algJJJWUW4L+g1tpBQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "PjCYGvBMu8wy3qqxRUwngA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "Pjzsw6+ClTH3tDntlo5n9g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "Q56kx76uLWIhLRNIyon0jg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "QI6uWM4Qbaobf2jl8ezerw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "QUke6jnbLM13V2/ms9s8pw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH" } ], "QUtTYJuHdkAOgtveagWUfA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "QwCNWThma/kKdhYxvbKjGQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "R+cOeg14k7ddoOulV2YJPw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "RRAwCyx+5LRa0hJdjcXk3Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "RVCidRUm4D1IKoPhoUi2AA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "RXbXUJmL/Bm70R9lVz2Aqw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "Rl8J9fWIWNsl1xi+9L/boQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "S7qx7a03HASsJhyQafvXjg==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "S8oZoEhPJlWCS9nYpiuEUA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "SGu58h9I4IKw+IX4J/uwTg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "T2QS67+g6RntDqSjp2teiw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "TDGtAfBIT1unQk7mFjNXQQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "Tmms/OdMfFhomdNX8yeqdg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "TxXyqwdsm1MLIWkwCwrl4g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "UBjIgC7Uc/Jv2H/pnNmGgQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "UMD4nV1Ky5C5eKUMgtnKzw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW" } ], "UPzTyNn8ZLXlb+bwRFPPTA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "UbmdE2pHXRFccv8l1e02Jw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH" } ], "UkRzJIq1dpEpe+pCeDMBWQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "V3pl8W8hmQWZZasRgG5a8w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.9, "baseSeverity": "LOW" } ], "VPXnnF64iZiXGI8n3FF+lw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "VRA9wsSKTemeKWRMUOSQ8A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "VxnhJhcJDibHkRcU/osXDw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "W/d4trZ7jb2yxjrq4cNOWA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW" } ], "WHB3WNu2RgNXJhjw7mBJLw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "WbmUGgkmxoaGa9IhjWsUzA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "WiBQj7XHKIGrrTQyNBrWmg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Wsu5UzNfQFqjm4dwWxgPNA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Wtvn0xgob97WvcM7EjfmXA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "XEpNbYE8baSeNQKfAWr65g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "XHx6qufkdiNQ4ThOPaZ7Cg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "XIOkhF/HGo7NDscxxXolRw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "XNkilQLowK7fFFcGXGXo0g==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "Xa22jaVc91z8CL55umm+fA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "Y5NtVIgOo2LjjySOhtpqgA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "YN57CFin8wJMUdySgEbDDg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "YRGOKGOFaSHJHQuJdCol5w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "YlNwNNYhMhxVXKAMARrRXA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "YxArgGZ2k3AOfJkjsHVAEg==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "Z2gVqii6wCj6i+vSsYJAfQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "ZAEbqGvurMVFPbaWIUuMsQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "ZCt0yW434CaDOfVm9geRKw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "ZDI3BbfBdOVsLpV2RldMaA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "ZGYWl+p1RrOT0HzaEzSTjg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "ZINV7lyZu9XBwDcnEkkOmQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "ZNUx9b6Gk9ggFU4V1BHIPQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM" } ], "ZSIgoENQ6JuxP4rnSyyi7Q==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "ZvX4VR3jvMBd1Wq+RxNTgg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "a6VkbY6DpPyOiIT3w0aLQA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "a6WklDYhYXKGRIopjXMKuw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "aN5J80ZvkGBs2zb1EoCKAw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "aW0iaUuIHg86jDWhWtL7pQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.9, "baseSeverity": "LOW" } ], "aXKVm7Dm+JnzHeNplsbXnA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "aoTbGkTpK3FwA+kn6HQBnw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "arc3e7T1PhjZvuuztkD40g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "avCxxosOVggwZGQXgntvFQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "ay8SZz7e5oUxSq/eln9epA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "breeo2G1CL/f9vP/mBuGqg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "c3EBqCsce61MGNOLAQRoFQ==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM" } ], "c7NVXfTsTMVF7aSpsUVoAg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "c9IP9u5A7MOStA19b+RjKw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "cXcVRNX0Kbtuz9UuQfmUNw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "cgK5G78up7raRd8LrOZKNw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "cmqla8jisnjS+p+DA0529w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "dKTnwBWQXrodDyq0efE+iA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "dP3lH6efxI+rDx/3sfqhTQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" } ], "dTu/y4C8jFna4JvXmym/NQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "dUct0H4Fen89ZeNxqRrDMg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 2.8, "baseSeverity": "LOW" } ], "dhMoh9p3gbOIA7u0sGqGCQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH" } ], "eEIOPn4/BUr8ja4EtI6IHQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "eIxHveLHtbaG2Gvw5MNLGw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "eNwsUNYw4TmBGCsePQ1C+w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "eOlvg4lqTz3Su6Gyzrf9Ag==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "eTtgQuxLR2tdfiRwFY3Gjw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "efY13QnKfvccAqcHDbXHGg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "eqoqeJN8gMUINJLH2PXP7g==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "ewHp/5RPgtChNiB8fQaApQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "f+mifhQGaTax4VvJBSCSpg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "f0km1zTP88JT7aYTZ7d8MQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "fExn+ODrunWOcAM6sOMY2Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "fKt72w71goWuZiVh+wHa+g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "fayrPya6DVXP9weWvA6obQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "fbasw5HIvtLhMJi0PCBjEA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH" } ], "fotaIKpz80a9St4ZCdXtGg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "fsOyUQZjzqQ9jgr0bJS+gA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "fvGjL9hw9hDQockMTb7lrA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "g5LZdgQezHXnQfGOzFdKXw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "gO6zvBRDTB4rta0/41e1gQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "gY0X2Ivz08MuFcbtUAjw4Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "gcwLQ0nzcXGeX+WVj5zBaA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "gqNlp+zMbwHq1FhCyd5krQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "gwgU9MEYef7tGC9huNJmjA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "h9JXqFcXq7vA+7yXIEuGfQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "havwgv5z7TxcCEPKPQ7K9Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "hmeqTWiD2AyHreDwAk5zEA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "hppUsF0legX7lWORapWe7g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "i2VJiQc09WdLRrYlgROY4g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "i5aQNmtFwY4Id/H1OcQ2Cw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "i9gRgWelYzL7dgZUCFlj5Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "icj6a8bc4dYK/DJNvkU0+A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "j1B9rh6x/Shr00583Fm/gg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "j8YmUSbHLORXj+i5Mtknvw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "jHXrqfXFS2613cOsnAbbPQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "jHi92E7/EboO54Bh8cBB2w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "jJZxGEs6W0UoNszCBT+BbA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "jqhqk8o/+99KqV26DBZ2OQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "jt0t59uqf5Ysdznl6XSAXA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "k4h1ljDFG4vbtDcBj51PfQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "kl+nHl+uiNLzyLIPmJZ+2A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "l1/qopzsE7Edjkd1o4THEA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "lHXxq+uu8bqjCiNYJSLThw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "lMO/fWY33YTgxeTQS9ahOQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "lXomMj4ef+u4GYISqoXJSA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "lbwTAHoHLyYT3AIO+M7x0A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "lkpy3aG6JVPgJ/H4gsHLxg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "lt63SpZsP/G28WfMx2j4zg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "mTRhXv2RRRE1V99LYYJaQQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "mzH5InrtX2D7A+1HPD0Ipg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "n+B8KykobCXAQ94pMr3HEQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "n7pgOvbE5kcvTytZ+btYxA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "n83jaRl/T6kiaoMyWtX8xw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM" } ], "n9TO3YkOGkrwZ3JXQbe6GQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "nNkfCouC7eKdpQ16WKRlmw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "nXdrTPYJyewaIZB9ybDqoQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "nqU9dNTDJgnF1kHabSdMNw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "nxs3JIcLL2Mv7o8/51F1dw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "o9iOw4os3AQQsV1P6JYQ/g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "oH9GUrUZwnTD/B7HZXwX7A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "oJevmh6JId18tKfcAvK//Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "oP30Ow5/EeXOCXP35T9fnw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "oZ2HBP+W/SPEpO39t0rk9Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW" } ], "oi+xJA0boxRY5yWPOBsJFw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "ouSt6xtRrHEbNlGnYNC0Uw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "ow8EEGUia8t2W6ehFm2Q1g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "oyfakLKwkgiQvoEuhk9VTA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "p+MFXsGF7YbCXGsNdOy5gg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH" } ], "p2gxShXxoUHwRgR2ANJ+CQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH" } ], "p6VWIonYblKaG3Rwgi8WZg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "pA/gdUqtBf9C33OwLzVwUA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "pTZOjhousl549buzLryOCA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "pZcxvsmHDYPkwMOvqmwKtg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "pfL9lFH8EnDQ1pcBADCdlw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "pnUVH8OADSjjKoMer3rokQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM" } ], "psa6YFVRa1f9Bbg0ykPQdw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH" } ], "q1zmuMA/fP0Sm4aw9tougg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "qXNASosSuCsudML1MqXPjw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "qefz9HpCEPJ3lvjIha2k3Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "qiLMPDa5d6eufHsmVcJ13A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "qsYFMtlQAD9SM+IctGJ47A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM" } ], "r4EeKQ1+HUg4G/JeyALXtw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "rEg00U8+//igCt+0+QBUhA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "rIqJL7bel29V0hJFbPUZ9w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH" } ], "rQWkLJMiGYoTQoc430zUmQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "rVgBV65FWtFg3jitEqotFA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "rkTtYvrd12uyxklXyGzF1A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "rlIHPdC3n0HQJVXto2MqUA==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM" } ], "rqTdCy5ddJKSpbo9WfySBw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "rstjr9tgTpXg6LEasctgFg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "slNt5MUPoZUlUUPr/YisNg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "t+FG7sGtFQWvNo6i1WzJzQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "t+GPN31gTFWovU+9KQM3nA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "t/5P2v7l5Us6uU/TayuL5g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "t4oe6DBPNf5Ikk93RfTdig==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "tYrHMwJR2+IKZNZqejG6CA==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "thvY3u/qMHVY/oLiaxhgKA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "tim7JKWFrDoMpe+VOdRp6g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "tjzeYSIOXVDYaOmt58hKxA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW" } ], "ttiQ8Ne17O8KN24UqGvbeA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW" } ], "tui4wg/rbptEhoXd4jTiWQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "u7+HgSa7TeEER7vqZGcD4Q==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "ubvC+5devxtiT2b9I8XPgw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "uhcEFlQ5Y56RqwkffBPaug==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "uxd8tIEkk+r2hWTEgvyv8w==": [ { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "v252Lhr64CaOMO2x3IgBkQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "v9s+wrjqS8T+Gv13ICb/hw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "vSafoZvPBi4XyWwytyKmoQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" } ], "vZmGRLHy3p0AEiSLAMSdrA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL" } ], "vbb3B2HEkh68zKtbOGgyMQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "vc4u+Qr6h02g9HVH5yVCIw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "w+2jX+j+SJAeE1GKFrFFUg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "w5jdWkfHYKLuNhYijn7NcQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "w6E5UFnu0txj9rXqXxF7nw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "w7f0WrYy5nUAdHu0TDShKA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "w9b2nNIUI4FuM87xznV0Pw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "w9jXbkPTbBxSV8aWLxzn/w==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "wHuOkcGp9LHaNHajGAhAkQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW" } ], "wa+sXhxdBo4Y1JRm4G8Fqw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW" } ], "wbkfHSeMnwURYLEYuqhPlw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "wquj2vV0Nf1IoXVgBObYRA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "wuCwRzfq5pG4m/kBjeuhHA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "x/dH4LPb4xyx3VuIAD7n6A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ], "x7UVxc9fjdM7vNUVwudQGw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "xALSv+x7XKVD+0EFfpq9Qw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "xD7WW9qKNrtcrs3Uqmjqag==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM" } ], "xLIujTim86EomaRofe4tDg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "xRcsZnz/pmqPPqPZYbHnNQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "xUVvBnCMD32GQ2LYOKWw0A==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW" } ], "xj8C0jhrXC6kG1IMTlx5Dg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL" } ], "xoFUsA33ah+6MWsXR1DIaw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" } ], "y0jGDIVZc312BivjXNg1yg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "y5V4wHQ+FEdoq8IR6nEOWw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "y9xJ6GbX8SdCqjqBWcAKTQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "yLGlMtmirdDmLVSq1jBtQg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "yLcc+OCTtFZEBFHR2T/Nnw==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "yY0Pdupngyp6vGfDBB9k+g==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM" } ], "yuxIsmGjsa0YFWxCXfxBcA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" } ], "yvPadVM0tnN/2SPeW4dXXg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" } ], "z/wClzhcU+IxlG8lX3F3aQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" } ], "zF8HhCrapUcFsur5Zlm4iA==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH" } ], "zQPbdPTLszV8VKIt5+3Weg==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH" } ], "zWi69uXT/KgXGfthGpnrmQ==": [ { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" } ] } ] } } pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | container step-oci-attach-report: Selecting auth Using token for quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe Attaching clair-report-amd64.json to quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe@sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 Executing: oras attach --no-tty --format go-template={{.digest}} --registry-config /home/oras/auth.json --artifact-type application/vnd.redhat.clair-report+json quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe@sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072 clair-report-amd64.json:application/vnd.redhat.clair-report+json pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clair-scan-pod | container step-conftest-vulnerabilities: [ { "filename": "/tekton/home/clair-result-amd64.json", "namespace": "required_checks", "successes": 4, "warnings": [ { "msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: platform-python-setuptools-39.2.0-6.el8 (CVE-2024-6345), nss-3.67.0-7.el8_5 (CVE-2023-0767), nss-softokn-freebl-3.67.0-7.el8_5 (CVE-2023-0767), openssl-libs-1:1.1.1k-6.el8_5 (CVE-2023-0286), freetype-2.9.1-4.el8_3.1 (CVE-2025-27363), libnghttp2-1.33.0-3.el8_2.1 (CVE-2023-44487), glibc-2.28-189.1.el8 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), nss-sysinit-3.67.0-7.el8_5 (CVE-2023-0767), expat-2.2.5-8.el8 (CVE-2022-40674), glibc-minimal-langpack-2.28-189.1.el8 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), cups-libs-1:2.2.6-45.el8_6.2 (CVE-2023-32360), libksba-1.3.5-7.el8 (CVE-2022-3515, CVE-2022-47629), rsync-3.1.3-14.el8_6.2 (CVE-2022-29154, CVE-2024-12085), systemd-libs-239-58.el8 (CVE-2022-2526), python3-setuptools-wheel-39.2.0-6.el8 (CVE-2024-6345), nss-util-3.67.0-7.el8_5 (CVE-2023-0767), nss-softokn-3.67.0-7.el8_5 (CVE-2023-0767), java-17-openjdk-headless-1:17.0.3.0.7-2.el8_6 (CVE-2022-34169, CVE-2023-21930, CVE-2024-20918, CVE-2024-20932, CVE-2024-20952, CVE-2024-21147), krb5-libs-1.18.2-14.el8 (CVE-2022-42898, CVE-2024-3596), python3-libs-3.6.8-45.el8 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597), glibc-common-2.28-189.1.el8 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libxml2-2.9.7-13.el8 (CVE-2024-56171, CVE-2025-24928), platform-python-3.6.8-45.el8 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597)", "name": "clair_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 42 } }, { "msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: ubi8/openjdk-17-runtime-1.13-1.1655306380 (RHBA-2023:0030), krb5-libs-1.18.2-14.el8 (CVE-2022-42898), python3-libs-3.6.8-45.el8 (CVE-2024-12718, CVE-2025-4138, CVE-2025-4517), libxml2-2.9.7-13.el8 (CVE-2025-49794, CVE-2025-49795, CVE-2025-49796), platform-python-3.6.8-45.el8 (CVE-2024-12718, CVE-2025-4138, CVE-2025-4517)", "name": "clair_unpatched_high_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 11 } }, { "msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libcurl-7.61.1-22.el8 (CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-32206, CVE-2022-32208, CVE-2023-23916, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), bzip2-libs-1.0.6-26.el8 (CVE-2019-12900), platform-python-setuptools-39.2.0-6.el8 (CVE-2022-40897), nss-3.67.0-7.el8_5 (CVE-2023-5388, CVE-2023-6135), ncurses-base-6.1-9.20180224.el8 (CVE-2023-29491), rpm-4.14.3-23.el8 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), nss-softokn-freebl-3.67.0-7.el8_5 (CVE-2023-5388, CVE-2023-6135), openssl-libs-1:1.1.1k-6.el8_5 (CVE-2022-1292, CVE-2022-2068, CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2024-2408), curl-7.61.1-22.el8 (CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-32206, CVE-2022-32208, CVE-2023-23916, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), gnutls-3.6.16-4.el8 (CVE-2022-2509, CVE-2023-0361, CVE-2023-5981, CVE-2024-0553, CVE-2024-12243, CVE-2024-28834), libstdc++-8.5.0-10.el8 (CVE-2020-11023), libjpeg-turbo-1.5.3-12.el8 (CVE-2020-13790), libcom_err-1.45.6-4.el8 (CVE-2022-1304), libtasn1-4.13-3.el8 (CVE-2021-46848, CVE-2024-12133), freetype-2.9.1-4.el8_3.1 (CVE-2022-27404, CVE-2022-27405, CVE-2022-27406), sqlite-libs-3.26.0-15.el8 (CVE-2020-24736, CVE-2020-35527, CVE-2022-35737, CVE-2023-7104), libnghttp2-1.33.0-3.el8_2.1 (CVE-2024-28182), glibc-2.28-189.1.el8 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802), libgcrypt-1.8.5-6.el8 (CVE-2021-40528), nss-sysinit-3.67.0-7.el8_5 (CVE-2023-5388, CVE-2023-6135), expat-2.2.5-8.el8 (CVE-2022-25313, CVE-2022-25314, CVE-2022-43680, CVE-2023-52425, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-8176), gnupg2-2.2.20-2.el8 (CVE-2022-34903), glibc-minimal-langpack-2.28-189.1.el8 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802), rpm-libs-4.14.3-23.el8 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), pcre2-10.32-2.el8 (CVE-2022-1586), cups-libs-1:2.2.6-45.el8_6.2 (CVE-2023-32324, CVE-2023-34241, CVE-2024-35235), tar-2:1.30-5.el8 (CVE-2022-48303), rsync-3.1.3-14.el8_6.2 (CVE-2022-37434, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747), systemd-libs-239-58.el8 (CVE-2022-3821, CVE-2022-4415, CVE-2023-26604, CVE-2023-7008), gmp-1:6.1.2-10.el8 (CVE-2021-43618), libgcc-8.5.0-10.el8 (CVE-2020-11023), harfbuzz-1.7.5-3.el8 (CVE-2023-25193), libssh-config-0.9.6-3.el8 (CVE-2023-1667, CVE-2023-2283, CVE-2023-48795), libcap-2.48-2.el8 (CVE-2023-2603), avahi-libs-0.7-20.el8 (CVE-2021-3468, CVE-2023-1981, CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473), python3-setuptools-wheel-39.2.0-6.el8 (CVE-2022-40897), nss-util-3.67.0-7.el8_5 (CVE-2023-5388, CVE-2023-6135), nss-softokn-3.67.0-7.el8_5 (CVE-2023-5388, CVE-2023-6135), ncurses-libs-6.1-9.20180224.el8 (CVE-2023-29491), java-17-openjdk-headless-1:17.0.3.0.7-2.el8_6 (CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-21618, CVE-2022-21626, CVE-2022-21628, CVE-2022-33068, CVE-2023-21835, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-22025, CVE-2023-22036, CVE-2023-22041, CVE-2023-22049, CVE-2023-22081, CVE-2023-25193, CVE-2023-48161, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-21011, CVE-2024-21068, CVE-2024-21094, CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21145, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235, CVE-2025-21502, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698), krb5-libs-1.18.2-14.el8 (CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), python3-libs-3.6.8-45.el8 (CVE-2015-20107, CVE-2020-10735, CVE-2021-28861, CVE-2022-0391, CVE-2022-45061, CVE-2022-48560, CVE-2022-48564, CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-9287), zlib-1.2.11-18.el8_5 (CVE-2022-37434), dbus-libs-1:1.12.8-18.el8 (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2023-34969), glib2-2.56.4-158.el8 (CVE-2022-32792, CVE-2022-32816, CVE-2022-32891), glibc-common-2.28-189.1.el8 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802), libxml2-2.9.7-13.el8 (CVE-2016-3709, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304, CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414), platform-python-3.6.8-45.el8 (CVE-2015-20107, CVE-2020-10735, CVE-2021-28861, CVE-2022-0391, CVE-2022-45061, CVE-2022-48560, CVE-2022-48564, CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-9287), libssh-0.9.6-3.el8 (CVE-2023-1667, CVE-2023-2283, CVE-2023-48795)", "name": "clair_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 214 } }, { "msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libzstd-1.4.4-1.el8 (CVE-2022-4899), lcms2-2.9-2.el8 (CVE-2018-16435), platform-python-setuptools-39.2.0-6.el8 (CVE-2025-47273), nss-3.67.0-7.el8_5 (CVE-2024-6602), ncurses-base-6.1-9.20180224.el8 (CVE-2018-19217), nss-softokn-freebl-3.67.0-7.el8_5 (CVE-2024-6602), openssl-libs-1:1.1.1k-6.el8_5 (CVE-2023-0466), libjpeg-turbo-1.5.3-12.el8 (CVE-2019-2201), coreutils-single-8.30-12.el8 (CVE-2025-5278), lz4-libs-1.8.3-3.el8_4 (CVE-2019-17543), libgcrypt-1.8.5-6.el8 (CVE-2019-12904, CVE-2024-2236), nss-sysinit-3.67.0-7.el8_5 (CVE-2024-6602), expat-2.2.5-8.el8 (CVE-2022-23990), libarchive-3.3.3-3.el8_5 (CVE-2024-57970, CVE-2025-25724), shadow-utils-2:4.6-16.el8 (CVE-2024-56433), cups-libs-1:2.2.6-45.el8_6.2 (CVE-2023-4504), elfutils-libelf-0.186-1.el8 (CVE-2021-33294), file-libs-5.33-20.el8 (CVE-2019-8905), rsync-3.1.3-14.el8_6.2 (CVE-2024-12086), systemd-libs-239-58.el8 (CVE-2018-20839, CVE-2025-4598), avahi-libs-0.7-20.el8 (CVE-2024-52615, CVE-2024-52616), python3-setuptools-wheel-39.2.0-6.el8 (CVE-2025-47273), nss-util-3.67.0-7.el8_5 (CVE-2024-6602), nss-softokn-3.67.0-7.el8_5 (CVE-2024-6602), ncurses-libs-6.1-9.20180224.el8 (CVE-2018-19217), java-17-openjdk-headless-1:17.0.3.0.7-2.el8_6 (CVE-2025-31344), krb5-libs-1.18.2-14.el8 (CVE-2023-5455), python3-libs-3.6.8-45.el8 (CVE-2025-0938, CVE-2025-4330, CVE-2025-4435, CVE-2025-6069), glib2-2.56.4-158.el8 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), libxml2-2.9.7-13.el8 (CVE-2025-6021), python3-pip-wheel-9.0.3-22.el8 (CVE-2024-47081, CVE-2025-50181, CVE-2025-50182), platform-python-3.6.8-45.el8 (CVE-2025-0938, CVE-2025-4330, CVE-2025-4435, CVE-2025-6069)", "name": "clair_unpatched_medium_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 46 } }, { "msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.", "metadata": { "details": { "description": "Vulnerabilities found: libcurl-7.61.1-22.el8 (CVE-2022-35252, CVE-2022-43552, CVE-2023-28322, CVE-2023-38546), openssl-libs-1:1.1.1k-6.el8_5 (CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-5535), curl-7.61.1-22.el8 (CVE-2022-35252, CVE-2022-43552, CVE-2023-28322, CVE-2023-38546), sqlite-libs-3.26.0-15.el8 (CVE-2020-35525), glibc-2.28-189.1.el8 (CVE-2024-33601, CVE-2024-33602), libarchive-3.3.3-3.el8_5 (CVE-2022-36227), glibc-minimal-langpack-2.28-189.1.el8 (CVE-2024-33601, CVE-2024-33602), openldap-2.4.46-18.el8 (CVE-2023-2953), shadow-utils-2:4.6-16.el8 (CVE-2023-4641), cups-libs-1:2.2.6-45.el8_6.2 (CVE-2024-47175), rsync-3.1.3-14.el8_6.2 (CVE-2016-9840), libssh-config-0.9.6-3.el8 (CVE-2023-6004, CVE-2023-6918), libcap-2.48-2.el8 (CVE-2023-2602), java-17-openjdk-headless-1:17.0.3.0.7-2.el8_6 (CVE-2022-21619, CVE-2022-21624, CVE-2022-39399, CVE-2023-21843, CVE-2023-21937, CVE-2023-21938, CVE-2023-21968, CVE-2023-22006, CVE-2023-22044, CVE-2023-22045, CVE-2024-21012), krb5-libs-1.18.2-14.el8 (CVE-2024-26458, CVE-2024-26461), python3-libs-3.6.8-45.el8 (CVE-2024-4032), glibc-common-2.28-189.1.el8 (CVE-2024-33601, CVE-2024-33602), platform-python-3.6.8-45.el8 (CVE-2024-4032), libssh-0.9.6-3.el8 (CVE-2023-6004, CVE-2023-6918)", "name": "clair_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 44 } }, { "msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.", "metadata": { "details": { "description": "Vulnerabilities found: libzstd-1.4.4-1.el8 (CVE-2021-24032), libcurl-7.61.1-22.el8 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264), nss-3.67.0-7.el8_5 (CVE-2020-12413, CVE-2024-7531), ncurses-base-6.1-9.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-45918, CVE-2023-50495), nss-softokn-freebl-3.67.0-7.el8_5 (CVE-2020-12413, CVE-2024-7531), openssl-libs-1:1.1.1k-6.el8_5 (CVE-2023-0464, CVE-2023-0465, CVE-2023-2650, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741), curl-7.61.1-22.el8 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264), ca-certificates-2021.2.50-80.0.el8_4 (CVE-2023-37920), gnutls-3.6.16-4.el8 (CVE-2021-4209), libstdc++-8.5.0-10.el8 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), libjpeg-turbo-1.5.3-12.el8 (CVE-2020-35538), libtasn1-4.13-3.el8 (CVE-2018-1000654), sqlite-libs-3.26.0-15.el8 (CVE-2019-19244, CVE-2019-9936, CVE-2019-9937, CVE-2023-36191, CVE-2024-0232), nss-sysinit-3.67.0-7.el8_5 (CVE-2020-12413, CVE-2024-7531), gnupg2-2.2.20-2.el8 (CVE-2022-3219, CVE-2025-30258), libarchive-3.3.3-3.el8_5 (CVE-2018-1000879, CVE-2018-1000880, CVE-2020-21674, CVE-2025-1632, CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), libpng-2:1.6.34-5.el8 (CVE-2019-7317, CVE-2022-3857), gawk-4.2.1-4.el8 (CVE-2023-4156), unzip-6.0-46.el8 (CVE-2021-4217, CVE-2022-0529, CVE-2022-0530), pcre2-10.32-2.el8 (CVE-2022-41409), cups-libs-1:2.2.6-45.el8_6.2 (CVE-2021-25317), tar-2:1.30-5.el8 (CVE-2019-9923, CVE-2021-20193, CVE-2023-39804), elfutils-libelf-0.186-1.el8 (CVE-2024-25260), file-libs-5.33-20.el8 (CVE-2019-8906), systemd-libs-239-58.el8 (CVE-2021-3997), libgcc-8.5.0-10.el8 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), avahi-libs-0.7-20.el8 (CVE-2017-6519), nss-util-3.67.0-7.el8_5 (CVE-2020-12413, CVE-2024-7531), nss-softokn-3.67.0-7.el8_5 (CVE-2020-12413, CVE-2024-7531), ncurses-libs-6.1-9.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-45918, CVE-2023-50495), java-17-openjdk-headless-1:17.0.3.0.7-2.el8_6 (CVE-2022-3857), python3-libs-3.6.8-45.el8 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795), dbus-libs-1:1.12.8-18.el8 (CVE-2020-35512), glib2-2.56.4-158.el8 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32665, CVE-2025-3360), libxml2-2.9.7-13.el8 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-32415, CVE-2025-6170), python3-pip-wheel-9.0.3-22.el8 (CVE-2018-20225), platform-python-3.6.8-45.el8 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795)", "name": "clair_unpatched_low_vulnerabilities", "url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial" }, "vulnerabilities_number": 107 } } ] } ] {"vulnerabilities":{"critical":0,"high":42,"medium":214,"low":44,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":11,"medium":46,"low":107,"unknown":0}} {"image": {"pullspec": "quay.io/redhat-appstudio-qe/integration2-knlu/test-component-pac-vrbmoe:on-pr-5317705287d427a5b8ea6186aaebec2fce6ccb89", "digests": ["sha256:565c0f7a8659c55322b310383b140ba2a7c72a624fb84acf305d7af04c891072"]}} {"result":"SUCCESS","timestamp":"2025-09-12T13:31:38+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0} pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clamav-scan-pod | init container: prepare 2025/09/12 13:30:38 Entrypoint initialization pod: test-component-pac-vrbmoe-on-pull-request-z4gzf-clamav-scan-pod | init container: place-scripts