Running clair-action on amd64 image manifest... 2026-03-27T00:05:09Z INF matchers created component=libvuln/New matchers=[{"docs":"https://pkg.go.dev/github.com/quay/claircore/oracle","name":"oracle"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/photon","name":"photon"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/gobin","name":"gobin"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/alpine","name":"alpine-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/suse","name":"suse"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ubuntu","name":"ubuntu-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/aws","name":"aws-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/debian","name":"debian-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/java","name":"java-maven"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/python","name":"python"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel/rhcc","name":"rhel-container-matcher"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/ruby","name":"ruby-gem"},{"docs":"https://pkg.go.dev/github.com/quay/claircore/rhel","name":"rhel"}] 2026-03-27T00:05:09Z INF libvuln initialized component=libvuln/New 2026-03-27T00:05:10Z INF registered configured scanners component=libindex/New 2026-03-27T00:05:10Z INF NewLayerScanner: constructing a new layer-scanner component=indexer.NewLayerScanner 2026-03-27T00:05:10Z INF index request start component=libindex/Libindex.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca 2026-03-27T00:05:10Z INF starting scan component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca 2026-03-27T00:05:10Z INF manifest to be scanned component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=CheckManifest 2026-03-27T00:05:10Z INF layers fetch start component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=FetchLayers 2026-03-27T00:05:12Z INF layers fetch success component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=FetchLayers 2026-03-27T00:05:12Z INF layers fetch done component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=FetchLayers 2026-03-27T00:05:12Z INF layers scan start component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=ScanLayers 2026-03-27T00:05:13Z INF layers scan done component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=ScanLayers 2026-03-27T00:05:13Z INF starting index manifest component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=IndexManifest 2026-03-27T00:05:13Z INF finishing scan component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=IndexFinished 2026-03-27T00:05:13Z INF manifest successfully scanned component=indexer/controller/Controller.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca state=IndexFinished 2026-03-27T00:05:13Z INF index request done component=libindex/Libindex.Index manifest=sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca { "manifest_hash": "sha256:b0021eb794bde60d52bd6f3f38a7bd6e5de3449c291a1359fb8e32457a87e4ca", "packages": { "+XM+s3niWaEk1U5jnR5DpA==": { "id": "+XM+s3niWaEk1U5jnR5DpA==", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "binary", "source": { "id": "", "name": "libyaml", "version": "0.1.7-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+Xr7HyTxXf0c8jLaUyo3xA==": { "id": "+Xr7HyTxXf0c8jLaUyo3xA==", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libidn2", "version": "2.2.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+hvIC0Et/RtHi7EAFCmfEw==": { "id": "+hvIC0Et/RtHi7EAFCmfEw==", "name": "file-libs", "version": "5.33-27.el8_10", "kind": "binary", "source": { "id": "", "name": "file", "version": "5.33-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "+qrxjVH7Im8eBfrz4h4P/w==": { "id": "+qrxjVH7Im8eBfrz4h4P/w==", "name": "shadow-utils", "version": "2:4.6-23.el8_10", "kind": "binary", "source": { "id": "", "name": "shadow-utils", "version": "4.6-23.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/7wUJedL2cOIe8/qxGJPRw==": { "id": "/7wUJedL2cOIe8/qxGJPRw==", "name": "vim-minimal", "version": "2:8.0.1763-22.el8_10", "kind": "binary", "source": { "id": "", "name": "vim", "version": "8.0.1763-22.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "/rFVHBpcZ6wgJf0WzwOgxg==": { "id": "/rFVHBpcZ6wgJf0WzwOgxg==", "name": "gzip", "version": "1.9-13.el8_5", "kind": "binary", "source": { "id": "", "name": "gzip", "version": "1.9-13.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0+adIj3d3gIP0AV4IbrB8Q==": { "id": "0+adIj3d3gIP0AV4IbrB8Q==", "name": "libseccomp", "version": "2.5.2-1.el8", "kind": "binary", "source": { "id": "", "name": "libseccomp", "version": "2.5.2-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "0OmTDjE2VFwzjrB5YQSGRA==": { "id": "0OmTDjE2VFwzjrB5YQSGRA==", "name": "device-mapper", "version": "8:1.02.181-15.el8_10.3", "kind": "binary", "source": { "id": "", "name": "lvm2", "version": "2.03.14-15.el8_10.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1+yTM1fAMLq+dz3TFkyS0A==": { "id": "1+yTM1fAMLq+dz3TFkyS0A==", "name": "libnghttp2", "version": "1.33.0-6.el8_10.1", "kind": "binary", "source": { "id": "", "name": "nghttp2", "version": "1.33.0-6.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "1gormAsAjMuks2JveQRd0Q==": { "id": "1gormAsAjMuks2JveQRd0Q==", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "binary", "source": { "id": "", "name": "gobject-introspection", "version": "1.56.1-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "22yBCZl99yVP86UHT7jTdw==": { "id": "22yBCZl99yVP86UHT7jTdw==", "name": "tzdata", "version": "2026a-1.el8", "kind": "binary", "source": { "id": "", "name": "tzdata", "version": "2026a-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "2Z+8iz8G1tgy6T+X63lxog==": { "id": "2Z+8iz8G1tgy6T+X63lxog==", "name": "python3-subscription-manager-rhsm", "version": "1.28.44-1.el8_10", "kind": "binary", "source": { "id": "", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3+d+oaGDGj9g2+1RFZjY5A==": { "id": "3+d+oaGDGj9g2+1RFZjY5A==", "name": "gmp", "version": "1:6.1.2-11.el8", "kind": "binary", "source": { "id": "", "name": "gmp", "version": "6.1.2-11.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3jI2apoRMNGhHa141Q5dlQ==": { "id": "3jI2apoRMNGhHa141Q5dlQ==", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "binary", "source": { "id": "", "name": "libksba", "version": "1.3.5-9.el8_7", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3tlR7IX1TE1j3MncwIydrw==": { "id": "3tlR7IX1TE1j3MncwIydrw==", "name": "python3-systemd", "version": "234-8.el8", "kind": "binary", "source": { "id": "", "name": "python-systemd", "version": "234-8.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "3uSX4NgBxQvC8LEk48QoOQ==": { "id": "3uSX4NgBxQvC8LEk48QoOQ==", "name": "cyrus-sasl-lib", "version": "2.1.27-6.el8_5", "kind": "binary", "source": { "id": "", "name": "cyrus-sasl", "version": "2.1.27-6.el8_5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "45rvgYmy022Tx6fVWfking==": { "id": "45rvgYmy022Tx6fVWfking==", "name": "publicsuffix-list-dafsa", "version": "20180723-1.el8", "kind": "binary", "source": { "id": "", "name": "publicsuffix-list", "version": "20180723-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "47OMpR7yEmE4lttsyWq3fw==": { "id": "47OMpR7yEmE4lttsyWq3fw==", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "binary", "source": { "id": "", "name": "libusbx", "version": "1.0.23-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4ZgMXaHDWnwPnqKlcJzEIw==": { "id": "4ZgMXaHDWnwPnqKlcJzEIw==", "name": "krb5-libs", "version": "1.18.2-32.el8_10", "kind": "binary", "source": { "id": "", "name": "krb5", "version": "1.18.2-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4flTdmUV4iK1Ax+LXJm8qQ==": { "id": "4flTdmUV4iK1Ax+LXJm8qQ==", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "binary", "source": { "id": "", "name": "gnutls", "version": "3.6.16-8.el8_10.5", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "4sG4bBloak5Sz907ZDRs6Q==": { "id": "4sG4bBloak5Sz907ZDRs6Q==", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "binary", "source": { "id": "", "name": "libnsl2", "version": "1.2.0-2.20180605git4a062cf.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5734Hg35iaP07ry1Zhh8Og==": { "id": "5734Hg35iaP07ry1Zhh8Og==", "name": "virt-what", "version": "1.25-4.el8", "kind": "binary", "source": { "id": "", "name": "virt-what", "version": "1.25-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "5U8sNbKx0xZsaHcVt4MmxA==": { "id": "5U8sNbKx0xZsaHcVt4MmxA==", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "binary", "source": { "id": "", "name": "chkconfig", "version": "1.19.2-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6KnijwRsfeerWmf5Zl8NWw==": { "id": "6KnijwRsfeerWmf5Zl8NWw==", "name": "sed", "version": "4.5-5.el8", "kind": "binary", "source": { "id": "", "name": "sed", "version": "4.5-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "6xZyX4OBPWwoiUTjpWs79w==": { "id": "6xZyX4OBPWwoiUTjpWs79w==", "name": "python3-gpg", "version": "1.13.1-12.el8", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "7eg89eCgA75bJ7WhhN/T4Q==": { "id": "7eg89eCgA75bJ7WhhN/T4Q==", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "binary", "source": { "id": "", "name": "libtasn1", "version": "4.13-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "8A7B+wP+NQQ6gC6TTmfUGQ==": { "id": "8A7B+wP+NQQ6gC6TTmfUGQ==", "name": "kmod-libs", "version": "25-20.el8", "kind": "binary", "source": { "id": "", "name": "kmod", "version": "25-20.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "9uhqFNTCJ7/bpzSlc7qCaQ==": { "id": "9uhqFNTCJ7/bpzSlc7qCaQ==", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "binary", "source": { "id": "", "name": "libgcrypt", "version": "1.8.5-7.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AITn+e+E6USX79PFnM6qXA==": { "id": "AITn+e+E6USX79PFnM6qXA==", "name": "dnf-data", "version": "4.7.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.7.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "AIs6pmCup5N9+6Ag6e2/og==": { "id": "AIs6pmCup5N9+6Ag6e2/og==", "name": "openssl-libs", "version": "1:1.1.1k-15.el8_6", "kind": "binary", "source": { "id": "", "name": "openssl", "version": "1.1.1k-15.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AJqIL483xCdRd0LDpKujFw==": { "id": "AJqIL483xCdRd0LDpKujFw==", "name": "python3-six", "version": "1.11.0-8.el8", "kind": "binary", "source": { "id": "", "name": "python-six", "version": "1.11.0-8.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "AmBPjOV0Lc4GPISfiGrCKw==": { "id": "AmBPjOV0Lc4GPISfiGrCKw==", "name": "python3-rpm", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Ar92yKqXUexnY/wgJboLPA==": { "id": "Ar92yKqXUexnY/wgJboLPA==", "name": "passwd", "version": "0.80-4.el8", "kind": "binary", "source": { "id": "", "name": "passwd", "version": "0.80-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AuC6XQzcU/5tB4luIfjLFg==": { "id": "AuC6XQzcU/5tB4luIfjLFg==", "name": "elfutils-libelf", "version": "0.190-2.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.190-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "AziZ1oGI+oDXVPzldKNj+w==": { "id": "AziZ1oGI+oDXVPzldKNj+w==", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "binary", "source": { "id": "", "name": "openldap", "version": "2.4.46-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BK6GpnvgoCqCHIwpWSmgCg==": { "id": "BK6GpnvgoCqCHIwpWSmgCg==", "name": "dbus-glib", "version": "0.110-2.el8", "kind": "binary", "source": { "id": "", "name": "dbus-glib", "version": "0.110-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BPsD0kkdIoK3KQUZ5DpJjw==": { "id": "BPsD0kkdIoK3KQUZ5DpJjw==", "name": "dbus-libs", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "BeGZ/KigKefGpHHHa3Q5nQ==": { "id": "BeGZ/KigKefGpHHHa3Q5nQ==", "name": "python3-decorator", "version": "4.2.1-2.el8", "kind": "binary", "source": { "id": "", "name": "python-decorator", "version": "4.2.1-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "BmK1zIjr5KsuOODCYwxRCw==": { "id": "BmK1zIjr5KsuOODCYwxRCw==", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "binary", "source": { "id": "", "name": "libpsl", "version": "0.20.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "C9fRVvzAk5xOX+7uh2Cuhg==": { "id": "C9fRVvzAk5xOX+7uh2Cuhg==", "name": "python3-dateutil", "version": "1:2.6.1-6.el8", "kind": "binary", "source": { "id": "", "name": "python-dateutil", "version": "2.6.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "CSkO43yn0N0oFVClXWpT+Q==": { "id": "CSkO43yn0N0oFVClXWpT+Q==", "name": "elfutils-default-yama-scope", "version": "0.190-2.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.190-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "CbqHQON08ZsUvPS9XDaTFA==": { "id": "CbqHQON08ZsUvPS9XDaTFA==", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Cklbj7Y2kf3vqxqc0m1GHQ==": { "id": "Cklbj7Y2kf3vqxqc0m1GHQ==", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "binary", "source": { "id": "", "name": "librhsm", "version": "0.0.3-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "D/ASdBsgxLNlG5Q8U7UPsQ==": { "id": "D/ASdBsgxLNlG5Q8U7UPsQ==", "name": "rootfiles", "version": "8.1-22.el8", "kind": "binary", "source": { "id": "", "name": "rootfiles", "version": "8.1-22.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "D19pBuDXqr+zYC7qXStV3g==": { "id": "D19pBuDXqr+zYC7qXStV3g==", "name": "rpm-build-libs", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "D9iJYSwBt2n6JCuuNo2fKg==": { "id": "D9iJYSwBt2n6JCuuNo2fKg==", "name": "audit-libs", "version": "3.1.2-1.el8_10.1", "kind": "binary", "source": { "id": "", "name": "audit", "version": "3.1.2-1.el8_10.1", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DV119Dw0W4RdsbJkdoHU9w==": { "id": "DV119Dw0W4RdsbJkdoHU9w==", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "DgyhtZBcSIlVmY6xC8s1mA==": { "id": "DgyhtZBcSIlVmY6xC8s1mA==", "name": "coreutils-single", "version": "8.30-17.el8_10", "kind": "binary", "source": { "id": "", "name": "coreutils", "version": "8.30-17.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "E48eAzELRLsbqfFOwUgqxA==": { "id": "E48eAzELRLsbqfFOwUgqxA==", "name": "python3-libdnf", "version": "0.63.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EGfzPeF6a5hj9x4BwoN25A==": { "id": "EGfzPeF6a5hj9x4BwoN25A==", "name": "libcap", "version": "2.48-6.el8_9", "kind": "binary", "source": { "id": "", "name": "libcap", "version": "2.48-6.el8_9", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "EiNiLT8ulizCzEWcybhizQ==": { "id": "EiNiLT8ulizCzEWcybhizQ==", "name": "lz4-libs", "version": "1.8.3-5.el8_10", "kind": "binary", "source": { "id": "", "name": "lz4", "version": "1.8.3-5.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "F7AOP7tK5AfUXV1g9iTzFA==": { "id": "F7AOP7tK5AfUXV1g9iTzFA==", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "binary", "source": { "id": "", "name": "mpfr", "version": "3.1.6-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "G+gX+j4AbiCorxKiF1UojA==": { "id": "G+gX+j4AbiCorxKiF1UojA==", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "binary", "source": { "id": "", "name": "libsolv", "version": "0.7.20-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GC8sCLqZlu3V+Og4r1yNsA==": { "id": "GC8sCLqZlu3V+Og4r1yNsA==", "name": "cracklib", "version": "2.9.6-15.el8", "kind": "binary", "source": { "id": "", "name": "cracklib", "version": "2.9.6-15.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "GLKhGblbPbPbtDKwfpCv5A==": { "id": "GLKhGblbPbPbtDKwfpCv5A==", "name": "filesystem", "version": "3.8-6.el8", "kind": "binary", "source": { "id": "", "name": "filesystem", "version": "3.8-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Gg1Q6hponuT1eSJHwaJ83w==": { "id": "Gg1Q6hponuT1eSJHwaJ83w==", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "binary", "source": { "id": "", "name": "libcap-ng", "version": "0.7.11-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "HMIoZ/TKrKhxI1rD26qmpw==": { "id": "HMIoZ/TKrKhxI1rD26qmpw==", "name": "json-c", "version": "0.13.1-3.el8", "kind": "binary", "source": { "id": "", "name": "json-c", "version": "0.13.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "IzLcxZDtcvtJR5Gwdq9HDg==": { "id": "IzLcxZDtcvtJR5Gwdq9HDg==", "name": "libattr", "version": "2.4.48-3.el8", "kind": "binary", "source": { "id": "", "name": "attr", "version": "2.4.48-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "J34PJ2GThOWZuKVgFIoieA==": { "id": "J34PJ2GThOWZuKVgFIoieA==", "name": "zlib", "version": "1.2.11-25.el8", "kind": "binary", "source": { "id": "", "name": "zlib", "version": "1.2.11-25.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "J71ZeZ+7Xn9GFRPBxHj29A==": { "id": "J71ZeZ+7Xn9GFRPBxHj29A==", "name": "dnf-plugin-subscription-manager", "version": "1.28.44-1.el8_10", "kind": "binary", "source": { "id": "", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "J7dBym6EiMbyjZzVXz7NGQ==": { "id": "J7dBym6EiMbyjZzVXz7NGQ==", "name": "libreport-filesystem", "version": "2.9.5-15.el8", "kind": "binary", "source": { "id": "", "name": "libreport", "version": "2.9.5-15.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "JNDNKhJbFTSevs7EALfE9A==": { "id": "JNDNKhJbFTSevs7EALfE9A==", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "KGlOM4KY1UKhnPM8OE3LmQ==": { "id": "KGlOM4KY1UKhnPM8OE3LmQ==", "name": "dnf", "version": "4.7.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.7.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "L4Nr2hXlTx1unww6deMWHg==": { "id": "L4Nr2hXlTx1unww6deMWHg==", "name": "which", "version": "2.21-21.el8_10", "kind": "binary", "source": { "id": "", "name": "which", "version": "2.21-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "LXiVkIlXLq/usMYIwCTH8Q==": { "id": "LXiVkIlXLq/usMYIwCTH8Q==", "name": "libsmartcols", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "LkoLKEri5dIAb0vFMkSOag==": { "id": "LkoLKEri5dIAb0vFMkSOag==", "name": "glibc-common", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MrVoXn95MCt15WBpU27cdQ==": { "id": "MrVoXn95MCt15WBpU27cdQ==", "name": "libcomps", "version": "0.1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "libcomps", "version": "0.1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "MsEsZZvFpdNmJThgd+KEOQ==": { "id": "MsEsZZvFpdNmJThgd+KEOQ==", "name": "cryptsetup-libs", "version": "2.3.7-7.el8", "kind": "binary", "source": { "id": "", "name": "cryptsetup", "version": "2.3.7-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "My6/ywbuLGBpB3zoO8X4Mw==": { "id": "My6/ywbuLGBpB3zoO8X4Mw==", "name": "python3-iniparse", "version": "0.4-31.el8", "kind": "binary", "source": { "id": "", "name": "python-iniparse", "version": "0.4-31.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "N1RbIRo2SyHosQefv+skDw==": { "id": "N1RbIRo2SyHosQefv+skDw==", "name": "gawk", "version": "4.2.1-4.el8", "kind": "binary", "source": { "id": "", "name": "gawk", "version": "4.2.1-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N3ZaMrNJKoumMpaY0smlMQ==": { "id": "N3ZaMrNJKoumMpaY0smlMQ==", "name": "sqlite-libs", "version": "3.26.0-20.el8_10", "kind": "binary", "source": { "id": "", "name": "sqlite", "version": "3.26.0-20.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "N5EuVcX6TPHBo7OPtax5uA==": { "id": "N5EuVcX6TPHBo7OPtax5uA==", "name": "crypto-policies-scripts", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NguWV8S6YQYvQsGQDJm2Rg==": { "id": "NguWV8S6YQYvQsGQDJm2Rg==", "name": "ncurses-base", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "NsvPyDc//39XTuXcn3j2uQ==": { "id": "NsvPyDc//39XTuXcn3j2uQ==", "name": "gdbm", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ORsDK2A5479NPB0r01PoXQ==": { "id": "ORsDK2A5479NPB0r01PoXQ==", "name": "libcurl", "version": "7.61.1-34.el8_10.11", "kind": "binary", "source": { "id": "", "name": "curl", "version": "7.61.1-34.el8_10.11", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "P5Se4zJpr8ZUwZNUojfuzA==": { "id": "P5Se4zJpr8ZUwZNUojfuzA==", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "binary", "source": { "id": "", "name": "libxcrypt", "version": "4.1.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Q0uPb/t/3IQ8GEwlv/J3Cw==": { "id": "Q0uPb/t/3IQ8GEwlv/J3Cw==", "name": "libmount", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QC6e3OaV78mjs678tGU2KQ==": { "id": "QC6e3OaV78mjs678tGU2KQ==", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "QXEDMSZisv5SUXtJo7Fs5g==": { "id": "QXEDMSZisv5SUXtJo7Fs5g==", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "binary", "source": { "id": "", "name": "gpgme", "version": "1.13.1-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RAOQzs3KvooLVtCFLXzK1A==": { "id": "RAOQzs3KvooLVtCFLXzK1A==", "name": "cracklib-dicts", "version": "2.9.6-15.el8", "kind": "binary", "source": { "id": "", "name": "cracklib", "version": "2.9.6-15.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RRWuvyUdhwGbBo2a/Ra1hw==": { "id": "RRWuvyUdhwGbBo2a/Ra1hw==", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "binary", "source": { "id": "", "name": "libselinux", "version": "2.9-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "RtrzwDgrQgu9S5B72s2sww==": { "id": "RtrzwDgrQgu9S5B72s2sww==", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libunistring", "version": "0.9.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S0BPcGMogA9sLLDMZAt2lw==": { "id": "S0BPcGMogA9sLLDMZAt2lw==", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "binary", "source": { "id": "", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "S1zou3bxOOiyOoUMO/eJQQ==": { "id": "S1zou3bxOOiyOoUMO/eJQQ==", "name": "dbus-tools", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TARQvmsLVC/S1fQD1jO4Xw==": { "id": "TARQvmsLVC/S1fQD1jO4Xw==", "name": "gdbm-libs", "version": "1:1.18-2.el8", "kind": "binary", "source": { "id": "", "name": "gdbm", "version": "1.18-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "TXR7KJtZBKtyqyx2xMKwaw==": { "id": "TXR7KJtZBKtyqyx2xMKwaw==", "name": "python3-idna", "version": "2.5-7.el8_10", "kind": "binary", "source": { "id": "", "name": "python-idna", "version": "2.5-7.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "U3ZkYu9FoEzQITrVBlQtLA==": { "id": "U3ZkYu9FoEzQITrVBlQtLA==", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "USWNn71p+k059dbiu5HDEA==": { "id": "USWNn71p+k059dbiu5HDEA==", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "binary", "source": { "id": "", "name": "libassuan", "version": "2.5.1-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "UUZyda9G/ffvF6rJ5W1UnQ==": { "id": "UUZyda9G/ffvF6rJ5W1UnQ==", "name": "libstdc++", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VJuF8wQUU1SUCj2y3YozIA==": { "id": "VJuF8wQUU1SUCj2y3YozIA==", "name": "dbus", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VM/912pnziMGSviQmT3pUg==": { "id": "VM/912pnziMGSviQmT3pUg==", "name": "dbus-daemon", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Vax934M9zGbzjdT3Y/XU9w==": { "id": "Vax934M9zGbzjdT3Y/XU9w==", "name": "glibc-minimal-langpack", "version": "2.28-251.el8_10.31", "kind": "binary", "source": { "id": "", "name": "glibc", "version": "2.28-251.el8_10.31", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "VrCmPwuY69qW5jl9ctxOZg==": { "id": "VrCmPwuY69qW5jl9ctxOZg==", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libtirpc", "version": "1.1.4-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "W66WOQ3v6r7mSn6+o7gaew==": { "id": "W66WOQ3v6r7mSn6+o7gaew==", "name": "popt", "version": "1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "popt", "version": "1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Wq1n4jzKBPdL9z5l5HD99w==": { "id": "Wq1n4jzKBPdL9z5l5HD99w==", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "binary", "source": { "id": "", "name": "libarchive", "version": "3.3.3-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Xl5IW0rSec19xtkQ4OvHUg==": { "id": "Xl5IW0rSec19xtkQ4OvHUg==", "name": "yum", "version": "4.7.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.7.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "YOLwB2DVyMsP6zzH8vXa2Q==": { "id": "YOLwB2DVyMsP6zzH8vXa2Q==", "name": "python3-libcomps", "version": "0.1.18-1.el8", "kind": "binary", "source": { "id": "", "name": "libcomps", "version": "0.1.18-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "YjDcGmvP0/z8VqRiUvkhOQ==": { "id": "YjDcGmvP0/z8VqRiUvkhOQ==", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "binary", "source": { "id": "", "name": "gnupg2", "version": "2.2.20-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "Za0y7YiKRidyIBZNIzq/Ng==": { "id": "Za0y7YiKRidyIBZNIzq/Ng==", "name": "librepo", "version": "1.14.2-5.el8", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.2-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ZwFl2Mr4EcoD5IGpc56beQ==": { "id": "ZwFl2Mr4EcoD5IGpc56beQ==", "name": "usermode", "version": "1.113-2.el8", "kind": "binary", "source": { "id": "", "name": "usermode", "version": "1.113-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "aJy3OA6mZ9BbJQmZd/QX4Q==": { "id": "aJy3OA6mZ9BbJQmZd/QX4Q==", "name": "libfdisk", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ar0do80Wlk1FaVvtx66g6Q==": { "id": "ar0do80Wlk1FaVvtx66g6Q==", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "binary", "source": { "id": "", "name": "brotli", "version": "1.0.6-4.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "auI8KtI6OozP7EAIr9UlQQ==": { "id": "auI8KtI6OozP7EAIr9UlQQ==", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "binary", "source": { "id": "", "name": "pcre2", "version": "10.32-3.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "b3IQYKOhbHF7Yu0UNJdQZA==": { "id": "b3IQYKOhbHF7Yu0UNJdQZA==", "name": "systemd", "version": "239-82.el8_10.15", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-82.el8_10.15", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bWUdPEYmtshwdmuX5VapfQ==": { "id": "bWUdPEYmtshwdmuX5VapfQ==", "name": "libblkid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "bmxL3lydQy0yU8g1iBgovg==": { "id": "bmxL3lydQy0yU8g1iBgovg==", "name": "libsepol", "version": "2.9-3.el8", "kind": "binary", "source": { "id": "", "name": "libsepol", "version": "2.9-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "cXCMP7NdkMDf1+Rb1IEktQ==": { "id": "cXCMP7NdkMDf1+Rb1IEktQ==", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "binary", "source": { "id": "", "name": "libsemanage", "version": "2.9-12.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "d6uHzFpzOxlRgzhjC7LVhw==": { "id": "d6uHzFpzOxlRgzhjC7LVhw==", "name": "python3-syspurpose", "version": "1.28.44-1.el8_10", "kind": "binary", "source": { "id": "", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dHcEYdxiRvfyl/7qt7q4gA==": { "id": "dHcEYdxiRvfyl/7qt7q4gA==", "name": "subscription-manager-rhsm-certificates", "version": "20220623-1.el8", "kind": "binary", "source": { "id": "", "name": "subscription-manager-rhsm-certificates", "version": "20220623-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "dOBT1Qffq44NOVuk9chDyg==": { "id": "dOBT1Qffq44NOVuk9chDyg==", "name": "readline", "version": "7.0-10.el8", "kind": "binary", "source": { "id": "", "name": "readline", "version": "7.0-10.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dOwQwVL1NxmF6ouACZklrQ==": { "id": "dOwQwVL1NxmF6ouACZklrQ==", "name": "p11-kit-trust", "version": "0.23.22-2.el8", "kind": "binary", "source": { "id": "", "name": "p11-kit", "version": "0.23.22-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "dSjxsaDISLUiFwRTCSO8Tg==": { "id": "dSjxsaDISLUiFwRTCSO8Tg==", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "binary", "source": { "id": "", "name": "crypto-policies", "version": "20230731-1.git3177e06.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "eZ7CwFvwDCQu4vzKyuIZgA==": { "id": "eZ7CwFvwDCQu4vzKyuIZgA==", "name": "basesystem", "version": "11-5.el8", "kind": "binary", "source": { "id": "", "name": "basesystem", "version": "11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f/Al/eNlUhjEgKSV0J2z7w==": { "id": "f/Al/eNlUhjEgKSV0J2z7w==", "name": "python3-pip-wheel", "version": "9.0.3-24.el8", "kind": "binary", "source": { "id": "", "name": "python-pip", "version": "9.0.3-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "f1lteJj1IxLDbDb+BI8yjg==": { "id": "f1lteJj1IxLDbDb+BI8yjg==", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "binary", "source": { "id": "", "name": "ca-certificates", "version": "2025.2.80_v9.0.304-80.2.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "fG866Ls1uk06DyWALl5MlQ==": { "id": "fG866Ls1uk06DyWALl5MlQ==", "name": "libutempter", "version": "1.1.6-14.el8", "kind": "binary", "source": { "id": "", "name": "libutempter", "version": "1.1.6-14.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "fhwRdrzkdNgBrHGM63hJoA==": { "id": "fhwRdrzkdNgBrHGM63hJoA==", "name": "libnl3", "version": "3.7.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libnl3", "version": "3.7.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "fte+oVLt/R5seNeTONNiJg==": { "id": "fte+oVLt/R5seNeTONNiJg==", "name": "python3-hawkey", "version": "0.63.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "g146nKetkX1f4hfH1b5RWA==": { "id": "g146nKetkX1f4hfH1b5RWA==", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gMqsUnRclTj6iuxHCslNRA==": { "id": "gMqsUnRclTj6iuxHCslNRA==", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "libdnf", "version": "0.63.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gOaN4treTmKK7tU+N6AZ1w==": { "id": "gOaN4treTmKK7tU+N6AZ1w==", "name": "pcre", "version": "8.42-6.el8", "kind": "binary", "source": { "id": "", "name": "pcre", "version": "8.42-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "gtbMsmX05ZWh+bkM1Wprlw==": { "id": "gtbMsmX05ZWh+bkM1Wprlw==", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "binary", "source": { "id": "", "name": "bash", "version": "4.4.20-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hOkTqAx8HYiWm8D3WyWplQ==": { "id": "hOkTqAx8HYiWm8D3WyWplQ==", "name": "python3-requests", "version": "2.20.0-6.el8_10", "kind": "binary", "source": { "id": "", "name": "python-requests", "version": "2.20.0-6.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "hSTTMcRX1DBcXc+8jKeg3Q==": { "id": "hSTTMcRX1DBcXc+8jKeg3Q==", "name": "libgcc", "version": "8.5.0-28.el8_10", "kind": "binary", "source": { "id": "", "name": "gcc", "version": "8.5.0-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "hcJqCsCpWm+XI9JT6ImS5g==": { "id": "hcJqCsCpWm+XI9JT6ImS5g==", "name": "nettle", "version": "3.4.1-7.el8", "kind": "binary", "source": { "id": "", "name": "nettle", "version": "3.4.1-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "isPl2YxnCTfcLmUYH6Q0sA==": { "id": "isPl2YxnCTfcLmUYH6Q0sA==", "name": "libuuid", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "jhG97BZK7587/TvtqUPTgw==": { "id": "jhG97BZK7587/TvtqUPTgw==", "name": "python3-chardet", "version": "3.0.4-7.el8", "kind": "binary", "source": { "id": "", "name": "python-chardet", "version": "3.0.4-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "jlgrv5fE+baZ32U4uXZIGQ==": { "id": "jlgrv5fE+baZ32U4uXZIGQ==", "name": "python3-inotify", "version": "0.9.6-13.el8", "kind": "binary", "source": { "id": "", "name": "python-inotify", "version": "0.9.6-13.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "jmNxyfDM4IV/F4mrfNTfyg==": { "id": "jmNxyfDM4IV/F4mrfNTfyg==", "name": "setup", "version": "2.12.2-9.el8", "kind": "binary", "source": { "id": "", "name": "setup", "version": "2.12.2-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "jtdCxL/eH5JTPcKstKunJg==": { "id": "jtdCxL/eH5JTPcKstKunJg==", "name": "grep", "version": "3.1-6.el8", "kind": "binary", "source": { "id": "", "name": "grep", "version": "3.1-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k/BpvWmZ5EVfmiPqpZ3pGw==": { "id": "k/BpvWmZ5EVfmiPqpZ3pGw==", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "binary", "source": { "id": "", "name": "expat", "version": "2.5.0-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "k4gCNgIfg7MM/e42ThRx2w==": { "id": "k4gCNgIfg7MM/e42ThRx2w==", "name": "libzstd", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "zstd", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kkmdlySMqr3tWLW3k7vWzw==": { "id": "kkmdlySMqr3tWLW3k7vWzw==", "name": "tpm2-tss", "version": "2.3.2-6.el8", "kind": "binary", "source": { "id": "", "name": "tpm2-tss", "version": "2.3.2-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "kwc9NYOQig+qWs5qmBRL/w==": { "id": "kwc9NYOQig+qWs5qmBRL/w==", "name": "ncurses-libs", "version": "6.1-10.20180224.el8", "kind": "binary", "source": { "id": "", "name": "ncurses", "version": "6.1-10.20180224.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lEFbOzBTlWwCqC/ZbjJfgQ==": { "id": "lEFbOzBTlWwCqC/ZbjJfgQ==", "name": "python3-setuptools-wheel", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "lU0MYRg2dg5wynl2dMGsgA==": { "id": "lU0MYRg2dg5wynl2dMGsgA==", "name": "xz-libs", "version": "5.2.4-4.el8_6", "kind": "binary", "source": { "id": "", "name": "xz", "version": "5.2.4-4.el8_6", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "lYi5JiM+Pio9EyvNXaPbYA==": { "id": "lYi5JiM+Pio9EyvNXaPbYA==", "name": "libuser", "version": "0.62-26.el8_10", "kind": "binary", "source": { "id": "", "name": "libuser", "version": "0.62-26.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ldNOLAK7TCoW1bLQ5KkfvA==": { "id": "ldNOLAK7TCoW1bLQ5KkfvA==", "name": "python3-dbus", "version": "1.2.4-15.el8", "kind": "binary", "source": { "id": "", "name": "dbus-python", "version": "1.2.4-15.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mAmp7BtGrfzV0HnAKw9sTw==": { "id": "mAmp7BtGrfzV0HnAKw9sTw==", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "binary", "source": { "id": "", "name": "libsigsegv", "version": "2.11-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mkpeQMTn6iNiF+ShBe+oZg==": { "id": "mkpeQMTn6iNiF+ShBe+oZg==", "name": "libverto", "version": "0.3.2-2.el8", "kind": "binary", "source": { "id": "", "name": "libverto", "version": "0.3.2-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "mtrWxjnWyzrIFOuHVeUG6g==": { "id": "mtrWxjnWyzrIFOuHVeUG6g==", "name": "tar", "version": "2:1.30-11.el8_10", "kind": "binary", "source": { "id": "", "name": "tar", "version": "1.30-11.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "nDtLoMnkuhspYDn7NZEcjw==": { "id": "nDtLoMnkuhspYDn7NZEcjw==", "name": "findutils", "version": "1:4.6.0-24.el8_10", "kind": "binary", "source": { "id": "", "name": "findutils", "version": "4.6.0-24.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "o4v1nyEgxKUJdf78CSzLEg==": { "id": "o4v1nyEgxKUJdf78CSzLEg==", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "binary", "source": { "id": "", "name": "libgpg-error", "version": "1.31-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oPxhGBL0xk+N4XwwxvflAQ==": { "id": "oPxhGBL0xk+N4XwwxvflAQ==", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "binary", "source": { "id": "", "name": "redhat-release", "version": "8.10-0.3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oSDtB9GflLljTYeOAikyIQ==": { "id": "oSDtB9GflLljTYeOAikyIQ==", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "binary", "source": { "id": "", "name": "glib2", "version": "2.56.4-168.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "oW0mvXn9ytTAYEd7IyuyDg==": { "id": "oW0mvXn9ytTAYEd7IyuyDg==", "name": "gdb-gdbserver", "version": "8.2-20.el8", "kind": "binary", "source": { "id": "", "name": "gdb", "version": "8.2-20.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "p9tXHgTBVU/b3sTnwfubzg==": { "id": "p9tXHgTBVU/b3sTnwfubzg==", "name": "libdb-utils", "version": "5.3.28-42.el8_4", "kind": "binary", "source": { "id": "", "name": "libdb", "version": "5.3.28-42.el8_4", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pY2NT/GP1UxyOuAl2rKgCw==": { "id": "pY2NT/GP1UxyOuAl2rKgCw==", "name": "npth", "version": "1.5-4.el8", "kind": "binary", "source": { "id": "", "name": "npth", "version": "1.5-4.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "pavdJQ8WwVQAaRLOAS++dg==": { "id": "pavdJQ8WwVQAaRLOAS++dg==", "name": "python3-dnf", "version": "4.7.0-21.el8_10", "kind": "binary", "source": { "id": "", "name": "dnf", "version": "4.7.0-21.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "peUaHHW4E9Y6Nd8+gJR5cQ==": { "id": "peUaHHW4E9Y6Nd8+gJR5cQ==", "name": "libssh-config", "version": "0.9.6-16.el8_10", "kind": "binary", "source": { "id": "", "name": "libssh", "version": "0.9.6-16.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "pp9zZ0tBoevZ/s15eFRL8g==": { "id": "pp9zZ0tBoevZ/s15eFRL8g==", "name": "libacl", "version": "2.2.53-3.el8", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ps1lqMDaJbud3dqz5x5CfA==": { "id": "ps1lqMDaJbud3dqz5x5CfA==", "name": "elfutils-libs", "version": "0.190-2.el8", "kind": "binary", "source": { "id": "", "name": "elfutils", "version": "0.190-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "q7A6uCat3mG/Yky6qlBMQg==": { "id": "q7A6uCat3mG/Yky6qlBMQg==", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "binary", "source": { "id": "", "name": "util-linux", "version": "2.32.1-48.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "qvQuZ5JqRsZ6gzHsz1Le5A==": { "id": "qvQuZ5JqRsZ6gzHsz1Le5A==", "name": "systemd-pam", "version": "239-82.el8_10.15", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-82.el8_10.15", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "r23nOnTJvuvXzj0P21ldlw==": { "id": "r23nOnTJvuvXzj0P21ldlw==", "name": "rpm-libs", "version": "4.14.3-32.el8_10", "kind": "binary", "source": { "id": "", "name": "rpm", "version": "4.14.3-32.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rFsA2fU/SFo3JGOkxRURTQ==": { "id": "rFsA2fU/SFo3JGOkxRURTQ==", "name": "keyutils-libs", "version": "1.5.10-9.el8", "kind": "binary", "source": { "id": "", "name": "keyutils", "version": "1.5.10-9.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "rwDlHVUTrp+LF00MbLn0mA==": { "id": "rwDlHVUTrp+LF00MbLn0mA==", "name": "python3-urllib3", "version": "1.24.2-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-urllib3", "version": "1.24.2-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "rzLpEiogBq9549TzY8PP6w==": { "id": "rzLpEiogBq9549TzY8PP6w==", "name": "python3-libs", "version": "3.6.8-74.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-74.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sEWAakrAuXFBdkDn2+trFA==": { "id": "sEWAakrAuXFBdkDn2+trFA==", "name": "platform-python", "version": "3.6.8-74.el8_10", "kind": "binary", "source": { "id": "", "name": "python3", "version": "3.6.8-74.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sMrsZHOrW8FfprPHZo6Jww==": { "id": "sMrsZHOrW8FfprPHZo6Jww==", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "binary", "source": { "id": "", "name": "libmodulemd", "version": "2.13.0-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "sUhkiUesE2DHTU1IF7t+tw==": { "id": "sUhkiUesE2DHTU1IF7t+tw==", "name": "platform-python-setuptools", "version": "39.2.0-9.el8_10", "kind": "binary", "source": { "id": "", "name": "python-setuptools", "version": "39.2.0-9.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "tM2JfTDykL1Yt0P7VhJHxg==": { "id": "tM2JfTDykL1Yt0P7VhJHxg==", "name": "ima-evm-utils", "version": "1.3.2-12.el8", "kind": "binary", "source": { "id": "", "name": "ima-evm-utils", "version": "1.3.2-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u6GTGpRnqVZhAB+PjTA56Q==": { "id": "u6GTGpRnqVZhAB+PjTA56Q==", "name": "acl", "version": "2.2.53-3.el8", "kind": "binary", "source": { "id": "", "name": "acl", "version": "2.2.53-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "u8xY2UxYOt8uq0d1rOKpUw==": { "id": "u8xY2UxYOt8uq0d1rOKpUw==", "name": "dmidecode", "version": "1:3.5-1.el8", "kind": "binary", "source": { "id": "", "name": "dmidecode", "version": "3.5-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "uCw7c1p0VzVV36rFL2/j4Q==": { "id": "uCw7c1p0VzVV36rFL2/j4Q==", "name": "bzip2-libs", "version": "1.0.6-28.el8_10", "kind": "binary", "source": { "id": "", "name": "bzip2", "version": "1.0.6-28.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "v/KoDsdxOHqLHd7du8yyWQ==": { "id": "v/KoDsdxOHqLHd7du8yyWQ==", "name": "lua-libs", "version": "5.3.4-12.el8", "kind": "binary", "source": { "id": "", "name": "lua", "version": "5.3.4-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "vSIFFm+3DaXa1ZgWjTcICA==": { "id": "vSIFFm+3DaXa1ZgWjTcICA==", "name": "device-mapper-libs", "version": "8:1.02.181-15.el8_10.3", "kind": "binary", "source": { "id": "", "name": "lvm2", "version": "2.03.14-15.el8_10.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "vur+lGxG5l00XAui0auXUg==": { "id": "vur+lGxG5l00XAui0auXUg==", "name": "python3-dnf-plugins-core", "version": "4.0.21-25.el8", "kind": "binary", "source": { "id": "", "name": "dnf-plugins-core", "version": "4.0.21-25.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "w9oQLpJ33Ay0NolWWBXWNg==": { "id": "w9oQLpJ33Ay0NolWWBXWNg==", "name": "python3-cloud-what", "version": "1.28.44-1.el8_10", "kind": "binary", "source": { "id": "", "name": "subscription-manager", "version": "1.28.44-1.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "wQToP4WURQ4/A8LQU1k5kA==": { "id": "wQToP4WURQ4/A8LQU1k5kA==", "name": "langpacks-en", "version": "1.0-12.el8", "kind": "binary", "source": { "id": "", "name": "langpacks", "version": "1.0-12.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "wpJmhjYJz5TYuh0mbRPs4Q==": { "id": "wpJmhjYJz5TYuh0mbRPs4Q==", "name": "info", "version": "6.5-7.el8", "kind": "binary", "source": { "id": "", "name": "texinfo", "version": "6.5-7.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xTF9l16G3x26txeCsO9Bug==": { "id": "xTF9l16G3x26txeCsO9Bug==", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "binary", "source": { "id": "", "name": "json-glib", "version": "1.4.4-1.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "xY/gcEds28iVWCynxOCw9g==": { "id": "xY/gcEds28iVWCynxOCw9g==", "name": "libcom_err", "version": "1.45.6-7.el8_10", "kind": "binary", "source": { "id": "", "name": "e2fsprogs", "version": "1.45.6-7.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "y0rjD6ImyXM5bKG5kTsocA==": { "id": "y0rjD6ImyXM5bKG5kTsocA==", "name": "pam", "version": "1.3.1-39.el8_10", "kind": "binary", "source": { "id": "", "name": "pam", "version": "1.3.1-39.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "y1KXv1Wa0o6q+5/jJ4FmmA==": { "id": "y1KXv1Wa0o6q+5/jJ4FmmA==", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "binary", "source": { "id": "", "name": "libxml2", "version": "2.9.7-21.el8_10.3", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "yX08xXm2MSxk7s6Ui2Z6BQ==": { "id": "yX08xXm2MSxk7s6Ui2Z6BQ==", "name": "systemd-libs", "version": "239-82.el8_10.15", "kind": "binary", "source": { "id": "", "name": "systemd", "version": "239-82.el8_10.15", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "ydZ9Nt38kjIKKqCmYtaufg==": { "id": "ydZ9Nt38kjIKKqCmYtaufg==", "name": "python3-pysocks", "version": "1.6.8-3.el8", "kind": "binary", "source": { "id": "", "name": "python-pysocks", "version": "1.6.8-3.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "yl863HYAf2BXq+HaBIFe0A==": { "id": "yl863HYAf2BXq+HaBIFe0A==", "name": "python3-librepo", "version": "1.14.2-5.el8", "kind": "binary", "source": { "id": "", "name": "librepo", "version": "1.14.2-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zAReYdYoHUkp8wr8i3SW2g==": { "id": "zAReYdYoHUkp8wr8i3SW2g==", "name": "libffi", "version": "3.1-24.el8", "kind": "binary", "source": { "id": "", "name": "libffi", "version": "3.1-24.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zH3pOh7/oPeHGrYavkYSwQ==": { "id": "zH3pOh7/oPeHGrYavkYSwQ==", "name": "python3-gobject-base", "version": "3.28.3-2.el8", "kind": "binary", "source": { "id": "", "name": "pygobject3", "version": "3.28.3-2.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zJNXvpJr0PFvZ//8umMh/g==": { "id": "zJNXvpJr0PFvZ//8umMh/g==", "name": "python3-ethtool", "version": "0.14-5.el8", "kind": "binary", "source": { "id": "", "name": "python-ethtool", "version": "0.14-5.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" }, "zSt5QJXLkBthUtuJMs0KRA==": { "id": "zSt5QJXLkBthUtuJMs0KRA==", "name": "dbus-common", "version": "1:1.12.8-27.el8_10", "kind": "binary", "source": { "id": "", "name": "dbus", "version": "1.12.8-27.el8_10", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "noarch", "cpe": "" }, "znsTHd8YxJkITXvwFG6YSA==": { "id": "znsTHd8YxJkITXvwFG6YSA==", "name": "libpwquality", "version": "1.4.4-6.el8", "kind": "binary", "source": { "id": "", "name": "libpwquality", "version": "1.4.4-6.el8", "kind": "source", "normalized_version": "", "cpe": "" }, "normalized_version": "", "arch": "x86_64", "cpe": "" } }, "distributions": { "36d25fff-7843-490c-bdfc-66897bc6d090": { "id": "36d25fff-7843-490c-bdfc-66897bc6d090", "did": "rhel", "name": "Red Hat Enterprise Linux Server", "version": "8", "version_code_name": "", "version_id": "8", "arch": "", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "pretty_name": "Red Hat Enterprise Linux Server 8" } }, "repository": { "7cdc9836-8871-4e4e-a79b-f5fb316a17aa": { "id": "7cdc9836-8871-4e4e-a79b-f5fb316a17aa", "name": "cpe:/o:redhat:enterprise_linux:8::baseos", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:baseos:*:*:*:*:*" }, "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64": { "id": "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "name": "cpe:/a:redhat:enterprise_linux:8::appstream", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:a:redhat:enterprise_linux:8:*:appstream:*:*:*:*:*" } }, "environments": { "+XM+s3niWaEk1U5jnR5DpA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "+Xr7HyTxXf0c8jLaUyo3xA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "+hvIC0Et/RtHi7EAFCmfEw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "+qrxjVH7Im8eBfrz4h4P/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "/7wUJedL2cOIe8/qxGJPRw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "/rFVHBpcZ6wgJf0WzwOgxg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "0+adIj3d3gIP0AV4IbrB8Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "0OmTDjE2VFwzjrB5YQSGRA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "1+yTM1fAMLq+dz3TFkyS0A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "1gormAsAjMuks2JveQRd0Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "22yBCZl99yVP86UHT7jTdw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "2Z+8iz8G1tgy6T+X63lxog==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "3+d+oaGDGj9g2+1RFZjY5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "3jI2apoRMNGhHa141Q5dlQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "3tlR7IX1TE1j3MncwIydrw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "3uSX4NgBxQvC8LEk48QoOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "45rvgYmy022Tx6fVWfking==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "47OMpR7yEmE4lttsyWq3fw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "4ZgMXaHDWnwPnqKlcJzEIw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "4sG4bBloak5Sz907ZDRs6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "5734Hg35iaP07ry1Zhh8Og==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "5U8sNbKx0xZsaHcVt4MmxA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "6KnijwRsfeerWmf5Zl8NWw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "6xZyX4OBPWwoiUTjpWs79w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "7eg89eCgA75bJ7WhhN/T4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "8A7B+wP+NQQ6gC6TTmfUGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AITn+e+E6USX79PFnM6qXA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AIs6pmCup5N9+6Ag6e2/og==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AJqIL483xCdRd0LDpKujFw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AmBPjOV0Lc4GPISfiGrCKw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Ar92yKqXUexnY/wgJboLPA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AuC6XQzcU/5tB4luIfjLFg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "AziZ1oGI+oDXVPzldKNj+w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "BK6GpnvgoCqCHIwpWSmgCg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "BeGZ/KigKefGpHHHa3Q5nQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "BmK1zIjr5KsuOODCYwxRCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "C9fRVvzAk5xOX+7uh2Cuhg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "CSkO43yn0N0oFVClXWpT+Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "CbqHQON08ZsUvPS9XDaTFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Cklbj7Y2kf3vqxqc0m1GHQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "D/ASdBsgxLNlG5Q8U7UPsQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "D19pBuDXqr+zYC7qXStV3g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "D9iJYSwBt2n6JCuuNo2fKg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "DV119Dw0W4RdsbJkdoHU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "DgyhtZBcSIlVmY6xC8s1mA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "E48eAzELRLsbqfFOwUgqxA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "EGfzPeF6a5hj9x4BwoN25A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "EiNiLT8ulizCzEWcybhizQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "F7AOP7tK5AfUXV1g9iTzFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "G+gX+j4AbiCorxKiF1UojA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "GC8sCLqZlu3V+Og4r1yNsA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "GLKhGblbPbPbtDKwfpCv5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Gg1Q6hponuT1eSJHwaJ83w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "HMIoZ/TKrKhxI1rD26qmpw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "IzLcxZDtcvtJR5Gwdq9HDg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "J34PJ2GThOWZuKVgFIoieA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "J71ZeZ+7Xn9GFRPBxHj29A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "J7dBym6EiMbyjZzVXz7NGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "JNDNKhJbFTSevs7EALfE9A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "KGlOM4KY1UKhnPM8OE3LmQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "L4Nr2hXlTx1unww6deMWHg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "LXiVkIlXLq/usMYIwCTH8Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "LkoLKEri5dIAb0vFMkSOag==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "MrVoXn95MCt15WBpU27cdQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "MsEsZZvFpdNmJThgd+KEOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "My6/ywbuLGBpB3zoO8X4Mw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "N1RbIRo2SyHosQefv+skDw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "N3ZaMrNJKoumMpaY0smlMQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "N5EuVcX6TPHBo7OPtax5uA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "NguWV8S6YQYvQsGQDJm2Rg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "NsvPyDc//39XTuXcn3j2uQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ORsDK2A5479NPB0r01PoXQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "P5Se4zJpr8ZUwZNUojfuzA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Q0uPb/t/3IQ8GEwlv/J3Cw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "QC6e3OaV78mjs678tGU2KQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "QXEDMSZisv5SUXtJo7Fs5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "RAOQzs3KvooLVtCFLXzK1A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "RRWuvyUdhwGbBo2a/Ra1hw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "RtrzwDgrQgu9S5B72s2sww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "S0BPcGMogA9sLLDMZAt2lw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "S1zou3bxOOiyOoUMO/eJQQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "TARQvmsLVC/S1fQD1jO4Xw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "TXR7KJtZBKtyqyx2xMKwaw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "U3ZkYu9FoEzQITrVBlQtLA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "USWNn71p+k059dbiu5HDEA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "VJuF8wQUU1SUCj2y3YozIA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "VM/912pnziMGSviQmT3pUg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Vax934M9zGbzjdT3Y/XU9w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "VrCmPwuY69qW5jl9ctxOZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "W66WOQ3v6r7mSn6+o7gaew==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Wq1n4jzKBPdL9z5l5HD99w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Xl5IW0rSec19xtkQ4OvHUg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "YOLwB2DVyMsP6zzH8vXa2Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "Za0y7YiKRidyIBZNIzq/Ng==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ZwFl2Mr4EcoD5IGpc56beQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "aJy3OA6mZ9BbJQmZd/QX4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ar0do80Wlk1FaVvtx66g6Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "auI8KtI6OozP7EAIr9UlQQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "b3IQYKOhbHF7Yu0UNJdQZA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "bWUdPEYmtshwdmuX5VapfQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "bmxL3lydQy0yU8g1iBgovg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "cXCMP7NdkMDf1+Rb1IEktQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "d6uHzFpzOxlRgzhjC7LVhw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "dHcEYdxiRvfyl/7qt7q4gA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "dOBT1Qffq44NOVuk9chDyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "dOwQwVL1NxmF6ouACZklrQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "dSjxsaDISLUiFwRTCSO8Tg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "eZ7CwFvwDCQu4vzKyuIZgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "f/Al/eNlUhjEgKSV0J2z7w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "f1lteJj1IxLDbDb+BI8yjg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "fG866Ls1uk06DyWALl5MlQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "fhwRdrzkdNgBrHGM63hJoA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "fte+oVLt/R5seNeTONNiJg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "g146nKetkX1f4hfH1b5RWA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "gMqsUnRclTj6iuxHCslNRA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "gOaN4treTmKK7tU+N6AZ1w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "gtbMsmX05ZWh+bkM1Wprlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "hOkTqAx8HYiWm8D3WyWplQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "hcJqCsCpWm+XI9JT6ImS5g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "isPl2YxnCTfcLmUYH6Q0sA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "jhG97BZK7587/TvtqUPTgw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "jlgrv5fE+baZ32U4uXZIGQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "jmNxyfDM4IV/F4mrfNTfyg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "jtdCxL/eH5JTPcKstKunJg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "k4gCNgIfg7MM/e42ThRx2w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "kkmdlySMqr3tWLW3k7vWzw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "kwc9NYOQig+qWs5qmBRL/w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "lEFbOzBTlWwCqC/ZbjJfgQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "lU0MYRg2dg5wynl2dMGsgA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "lYi5JiM+Pio9EyvNXaPbYA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ldNOLAK7TCoW1bLQ5KkfvA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "mAmp7BtGrfzV0HnAKw9sTw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "mkpeQMTn6iNiF+ShBe+oZg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "mtrWxjnWyzrIFOuHVeUG6g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "nDtLoMnkuhspYDn7NZEcjw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "o4v1nyEgxKUJdf78CSzLEg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "oPxhGBL0xk+N4XwwxvflAQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "oSDtB9GflLljTYeOAikyIQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "oW0mvXn9ytTAYEd7IyuyDg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "p9tXHgTBVU/b3sTnwfubzg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "pY2NT/GP1UxyOuAl2rKgCw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "pavdJQ8WwVQAaRLOAS++dg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "pp9zZ0tBoevZ/s15eFRL8g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ps1lqMDaJbud3dqz5x5CfA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "q7A6uCat3mG/Yky6qlBMQg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "qvQuZ5JqRsZ6gzHsz1Le5A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "r23nOnTJvuvXzj0P21ldlw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "rFsA2fU/SFo3JGOkxRURTQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "rwDlHVUTrp+LF00MbLn0mA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "rzLpEiogBq9549TzY8PP6w==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "sEWAakrAuXFBdkDn2+trFA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "sMrsZHOrW8FfprPHZo6Jww==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "sUhkiUesE2DHTU1IF7t+tw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "tM2JfTDykL1Yt0P7VhJHxg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "u6GTGpRnqVZhAB+PjTA56Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "u8xY2UxYOt8uq0d1rOKpUw==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "uCw7c1p0VzVV36rFL2/j4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "v/KoDsdxOHqLHd7du8yyWQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "vSIFFm+3DaXa1ZgWjTcICA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "vur+lGxG5l00XAui0auXUg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "w9oQLpJ33Ay0NolWWBXWNg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "wQToP4WURQ4/A8LQU1k5kA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "wpJmhjYJz5TYuh0mbRPs4Q==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "xTF9l16G3x26txeCsO9Bug==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "xY/gcEds28iVWCynxOCw9g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "y0rjD6ImyXM5bKG5kTsocA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "ydZ9Nt38kjIKKqCmYtaufg==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "yl863HYAf2BXq+HaBIFe0A==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "zAReYdYoHUkp8wr8i3SW2g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "zH3pOh7/oPeHGrYavkYSwQ==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "zJNXvpJr0PFvZ//8umMh/g==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "zSt5QJXLkBthUtuJMs0KRA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ], "znsTHd8YxJkITXvwFG6YSA==": [ { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "36d25fff-7843-490c-bdfc-66897bc6d090", "repository_ids": [ "abf354de-a19f-44e6-b7c5-e6b3ab2fdc64", "7cdc9836-8871-4e4e-a79b-f5fb316a17aa" ] }, { "package_db": "bdb:var/lib/rpm", "introduced_in": "sha256:560e8a00c964383dd7f0b20dda6975e6a6b15b6c1b7ebc7a34eda349da69fa08", "distribution_id": "", "repository_ids": null } ] }, "vulnerabilities": { "+59hq9HnSU0DESYniRPk/A==": { "id": "+59hq9HnSU0DESYniRPk/A==", "updater": "rhel-vex", "name": "CVE-2025-66199", "description": "A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service (DoS) for affected clients and servers. This issue occurs when TLS 1.3 certificate compression is enabled and negotiated.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66199 https://bugzilla.redhat.com/show_bug.cgi?id=2430379 https://www.cve.org/CVERecord?id=CVE-2025-66199 https://nvd.nist.gov/vuln/detail/CVE-2025-66199 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66199.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+KpTJUEQJKwTpx7pAkIuPQ==": { "id": "+KpTJUEQJKwTpx7pAkIuPQ==", "updater": "rhel-vex", "name": "CVE-2022-2124", "description": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2124 https://bugzilla.redhat.com/show_bug.cgi?id=2099558 https://www.cve.org/CVERecord?id=CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2124.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+VF5B9kk+xL3yRO7HdjhGw==": { "id": "+VF5B9kk+xL3yRO7HdjhGw==", "updater": "rhel-vex", "name": "CVE-2022-2522", "description": "A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext() function of the src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completing a long line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that causes an application to crash, possibly executing code and corrupting memory.", "issued": "2022-07-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2522 https://bugzilla.redhat.com/show_bug.cgi?id=2112299 https://www.cve.org/CVERecord?id=CVE-2022-2522 https://nvd.nist.gov/vuln/detail/CVE-2022-2522 https://huntr.dev/bounties/3a2d83af-9542-4d93-8784-98b115135a22 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2522.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+lfnnYuPvMH1ORZwIFi4Rw==": { "id": "+lfnnYuPvMH1ORZwIFi4Rw==", "updater": "rhel-vex", "name": "CVE-2026-0964", "description": "No description is available for this CVE.", "issued": "2026-02-10T18:44:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0964 https://bugzilla.redhat.com/show_bug.cgi?id=2436979 https://www.cve.org/CVERecord?id=CVE-2026-0964 https://nvd.nist.gov/vuln/detail/CVE-2026-0964 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0964.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+xBrs/DTyBbtVj1W1dAcrw==": { "id": "+xBrs/DTyBbtVj1W1dAcrw==", "updater": "rhel-vex", "name": "CVE-2024-45306", "description": "A heap-buffer overflow was found in Vim. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. It was assumed that this loop was unnecessary. However, this change made it possible for the cursor position to stay invalid and point beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at the specified cursor position.", "issued": "2024-09-02T18:15:36Z", "links": "https://access.redhat.com/security/cve/CVE-2024-45306 https://bugzilla.redhat.com/show_bug.cgi?id=2309275 https://www.cve.org/CVERecord?id=CVE-2024-45306 https://nvd.nist.gov/vuln/detail/CVE-2024-45306 https://github.com/vim/vim/commit/396fd1ec2956307755392a1 https://github.com/vim/vim/releases/tag/v9.1.0038 https://github.com/vim/vim/security/advisories/GHSA-wxf9-c5gx-qrwr https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-45306.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "+ycsm1BnUPWoLs1UF1UcEg==": { "id": "+ycsm1BnUPWoLs1UF1UcEg==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/FdrObPxFunwRXcZAEO5Tw==": { "id": "/FdrObPxFunwRXcZAEO5Tw==", "updater": "rhel-vex", "name": "CVE-2026-28419", "description": "A flaw was found in Vim, an open-source command-line text editor. This vulnerability, a heap-based buffer underflow, occurs when Vim processes a specially crafted Emacs-style tags file. If a malicious file with a delimiter at the start of a line is opened, Vim attempts to read memory outside its designated area. This could lead to the disclosure of sensitive information or cause the application to crash, resulting in a denial of service.", "issued": "2026-02-27T22:02:55Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28419 https://bugzilla.redhat.com/show_bug.cgi?id=2443482 https://www.cve.org/CVERecord?id=CVE-2026-28419 https://nvd.nist.gov/vuln/detail/CVE-2026-28419 https://github.com/vim/vim/commit/9b7dfa2948c9e1e5e32a5812 https://github.com/vim/vim/releases/tag/v9.2.0075 https://github.com/vim/vim/security/advisories/GHSA-xcc8-r6c5-hvwv https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28419.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/LWI0YXkUZMlVPxSYP3hGg==": { "id": "/LWI0YXkUZMlVPxSYP3hGg==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/qUHokmxOLHqD3aLG8T5Qg==": { "id": "/qUHokmxOLHqD3aLG8T5Qg==", "updater": "rhel-vex", "name": "CVE-2023-0288", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.", "issued": "2023-01-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0288 https://bugzilla.redhat.com/show_bug.cgi?id=2163130 https://www.cve.org/CVERecord?id=CVE-2023-0288 https://nvd.nist.gov/vuln/detail/CVE-2023-0288 https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0288.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "/y0IFFUo3qK45BLP6MlrAw==": { "id": "/y0IFFUo3qK45BLP6MlrAw==", "updater": "rhel-vex", "name": "CVE-2023-0433", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.", "issued": "2023-01-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0433 https://bugzilla.redhat.com/show_bug.cgi?id=2163612 https://www.cve.org/CVERecord?id=CVE-2023-0433 https://nvd.nist.gov/vuln/detail/CVE-2023-0433 https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0433.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "03rxP00Njciq6m1NhQ60nw==": { "id": "03rxP00Njciq6m1NhQ60nw==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0Lbh90QY/bvfRRYGD8DIKA==": { "id": "0Lbh90QY/bvfRRYGD8DIKA==", "updater": "rhel-vex", "name": "CVE-2022-4292", "description": "A heap use-after-free flaw was found in Vim's did_set_spelllang() function of the spell.c file. This issue occurs because vim uses freed memory after SpellFileMissing autocmd uses bwipe. This could allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free issue that causes an application to crash, possibly executing code and corrupting memory.", "issued": "2022-12-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4292 https://bugzilla.redhat.com/show_bug.cgi?id=2151558 https://www.cve.org/CVERecord?id=CVE-2022-4292 https://nvd.nist.gov/vuln/detail/CVE-2022-4292 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4292.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0Q3x7RbstwOfH9ELTB6XXg==": { "id": "0Q3x7RbstwOfH9ELTB6XXg==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0QzoXQSqkKieJ7Oc+px0JA==": { "id": "0QzoXQSqkKieJ7Oc+px0JA==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0SKU6CiKSF47hfRbDYMu5w==": { "id": "0SKU6CiKSF47hfRbDYMu5w==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0WWCTKTWgZAx5gQFX5xocQ==": { "id": "0WWCTKTWgZAx5gQFX5xocQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0fCtWwB6iclgRvIA+IqiJQ==": { "id": "0fCtWwB6iclgRvIA+IqiJQ==", "updater": "rhel-vex", "name": "CVE-2026-1484", "description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1484 https://bugzilla.redhat.com/show_bug.cgi?id=2433259 https://www.cve.org/CVERecord?id=CVE-2026-1484 https://nvd.nist.gov/vuln/detail/CVE-2026-1484 https://gitlab.gnome.org/GNOME/glib/-/issues/3870 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1484.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0fyRWwwgh1nEGEYJnFa1YQ==": { "id": "0fyRWwwgh1nEGEYJnFa1YQ==", "updater": "rhel-vex", "name": "CVE-2024-43374", "description": "A heap use-after-free vulnerability was found in Vim's alist_add() function. Adding a new file to the argument list triggers Buf* autocommands. In an autocommand, if the buffer that was just opened is closed, including the window where it is shown, it causes the window structure to be freed, containing a reference to the argument list that is being modified. Once the autocommands are completed, references to the window and argument list are no longer valid, causing a use-after-free issue. To trigger this issue, a local attacker or user must add unusual autocommands that wipe a buffer during creation, either manually or by sourcing a malicious plugin, which will cause Vim to crash.", "issued": "2024-08-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-43374 https://bugzilla.redhat.com/show_bug.cgi?id=2305259 https://www.cve.org/CVERecord?id=CVE-2024-43374 https://nvd.nist.gov/vuln/detail/CVE-2024-43374 https://github.com/vim/vim/commit/0a6e57b09bc8c76691b367a5babfb79b31b770e8 https://github.com/vim/vim/security/advisories/GHSA-2w8m-443v-cgvw https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-43374.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "0nQ3GJDLY22M176Z5ESg6A==": { "id": "0nQ3GJDLY22M176Z5ESg6A==", "updater": "rhel-vex", "name": "CVE-2025-68972", "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", "issued": "2025-12-27T22:52:30Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68972 https://bugzilla.redhat.com/show_bug.cgi?id=2425646 https://www.cve.org/CVERecord?id=CVE-2025-68972 https://nvd.nist.gov/vuln/detail/CVE-2025-68972 https://gpg.fail/formfeed https://news.ycombinator.com/item?id=46404339 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68972.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1czwTF6go1aSr24FSoii2A==": { "id": "1czwTF6go1aSr24FSoii2A==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1gGu9bktrmHmqgKrd3EMkA==": { "id": "1gGu9bktrmHmqgKrd3EMkA==", "updater": "rhel-vex", "name": "CVE-2023-46246", "description": "Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.", "issued": "2023-10-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-46246 https://bugzilla.redhat.com/show_bug.cgi?id=2246953 https://www.cve.org/CVERecord?id=CVE-2023-46246 https://nvd.nist.gov/vuln/detail/CVE-2023-46246 https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-46246.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1lUHOMB3ANHGWpqCBv9Ynw==": { "id": "1lUHOMB3ANHGWpqCBv9Ynw==", "updater": "rhel-vex", "name": "CVE-2026-4105", "description": "A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.", "issued": "2026-03-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4105 https://bugzilla.redhat.com/show_bug.cgi?id=2447262 https://www.cve.org/CVERecord?id=CVE-2026-4105 https://nvd.nist.gov/vuln/detail/CVE-2026-4105 https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4105.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1xumzhZiYuIb5kWEpv/z2Q==": { "id": "1xumzhZiYuIb5kWEpv/z2Q==", "updater": "rhel-vex", "name": "CVE-2022-0235", "description": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "issued": "2022-01-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0235 https://bugzilla.redhat.com/show_bug.cgi?id=2044591 https://www.cve.org/CVERecord?id=CVE-2022-0235 https://nvd.nist.gov/vuln/detail/CVE-2022-0235 https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0235.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "subscription-manager", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "1y7lpBoDolQF4MOVVHZy0Q==": { "id": "1y7lpBoDolQF4MOVVHZy0Q==", "updater": "rhel-vex", "name": "CVE-2025-1150", "description": "A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior.", "issued": "2025-02-10T16:31:07Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1150 https://bugzilla.redhat.com/show_bug.cgi?id=2344681 https://www.cve.org/CVERecord?id=CVE-2025-1150 https://nvd.nist.gov/vuln/detail/CVE-2025-1150 https://sourceware.org/bugzilla/attachment.cgi?id=15887 https://sourceware.org/bugzilla/show_bug.cgi?id=32576 https://vuldb.com/?ctiid.295054 https://vuldb.com/?id.295054 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1150.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2HeAQXhPVJdqlzjgrvqpHA==": { "id": "2HeAQXhPVJdqlzjgrvqpHA==", "updater": "rhel-vex", "name": "CVE-2022-47007", "description": "A memory leak was found in function stab_demangle_v3_arg in stabs.c in Binutils, allows local attacker to exploit the vulnerability using specially crafted file to cause Denial of Service.", "issued": "2022-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-47007 https://bugzilla.redhat.com/show_bug.cgi?id=2233980 https://www.cve.org/CVERecord?id=CVE-2022-47007 https://nvd.nist.gov/vuln/detail/CVE-2022-47007 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-47007.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2I1s1wzUEtlMdLaYOJnDdQ==": { "id": "2I1s1wzUEtlMdLaYOJnDdQ==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2U8ppg+02PjFDuM5YqFstQ==": { "id": "2U8ppg+02PjFDuM5YqFstQ==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2YRc0WjeEyZBoYiaOnJbeg==": { "id": "2YRc0WjeEyZBoYiaOnJbeg==", "updater": "rhel-vex", "name": "CVE-2025-66863", "description": "A flaw was found in BinUtils. Attackers can exploit this vulnerability by providing a specially crafted Portable Executable (PE) file. This can lead to a denial of service, making the affected application unavailable.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66863 https://bugzilla.redhat.com/show_bug.cgi?id=2425824 https://www.cve.org/CVERecord?id=CVE-2025-66863 https://nvd.nist.gov/vuln/detail/CVE-2025-66863 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash2.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66863.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "2xtDbYqjkcEeQ4nILuPI0w==": { "id": "2xtDbYqjkcEeQ4nILuPI0w==", "updater": "rhel-vex", "name": "CVE-2026-4647", "description": "A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.", "issued": "2026-03-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4647 https://bugzilla.redhat.com/show_bug.cgi?id=2450302 https://www.cve.org/CVERecord?id=CVE-2026-4647 https://nvd.nist.gov/vuln/detail/CVE-2026-4647 https://sourceware.org/bugzilla/show_bug.cgi?id=33919 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4647.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3CQJ3hzzdmd6QtmVFqakNg==": { "id": "3CQJ3hzzdmd6QtmVFqakNg==", "updater": "rhel-vex", "name": "CVE-2022-2183", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2183 https://bugzilla.redhat.com/show_bug.cgi?id=2102159 https://www.cve.org/CVERecord?id=CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2183.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3NmGx++6ijeveccqIYQboA==": { "id": "3NmGx++6ijeveccqIYQboA==", "updater": "rhel-vex", "name": "CVE-2022-2126", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2126 https://bugzilla.redhat.com/show_bug.cgi?id=2099596 https://www.cve.org/CVERecord?id=CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2126.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3O4IzHXnRQMZXCe1gYATvw==": { "id": "3O4IzHXnRQMZXCe1gYATvw==", "updater": "rhel-vex", "name": "CVE-2026-22185", "description": "A flaw was found in OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load. When processing malformed input, a local attacker can exploit a heap buffer underflow vulnerability in the readline() function. This can lead to an out-of-bounds read, potentially causing a denial of service (DoS) and limited disclosure of heap memory contents.", "issued": "2026-01-07T20:26:30Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22185 https://bugzilla.redhat.com/show_bug.cgi?id=2427679 https://www.cve.org/CVERecord?id=CVE-2026-22185 https://nvd.nist.gov/vuln/detail/CVE-2026-22185 https://seclists.org/fulldisclosure/2026/Jan/5 https://seclists.org/fulldisclosure/2026/Jan/8 https://www.openldap.org/ https://www.vulncheck.com/advisories/openldap-lmdb-mdb-load-heap-buffer-underflow-in-readline https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22185.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "openldap", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3XGT/WUu2ksTinzHtRqtAQ==": { "id": "3XGT/WUu2ksTinzHtRqtAQ==", "updater": "rhel-vex", "name": "CVE-2020-20703", "description": "A use-after-free flaw was found in Vim. This issue allows a heap buffer overflow leading to a write access violation. This flaw allows the attacker to possibly have control over the write address and value, which may lead to an application crash.", "issued": "2023-06-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-20703 https://bugzilla.redhat.com/show_bug.cgi?id=2216287 https://www.cve.org/CVERecord?id=CVE-2020-20703 https://nvd.nist.gov/vuln/detail/CVE-2020-20703 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-20703.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "3iyn4/i+eXclk6mSljsR3A==": { "id": "3iyn4/i+eXclk6mSljsR3A==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "4/mftydHpy90Umw3G0mTuQ==": { "id": "4/mftydHpy90Umw3G0mTuQ==", "updater": "rhel-vex", "name": "CVE-2018-1000879", "description": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000879 https://bugzilla.redhat.com/show_bug.cgi?id=1663890 https://www.cve.org/CVERecord?id=CVE-2018-1000879 https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000879.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "44HMdOXTmvlsYKs02fsoWg==": { "id": "44HMdOXTmvlsYKs02fsoWg==", "updater": "rhel-vex", "name": "CVE-2025-26603", "description": "A flaw was found in Vim's :redir command. This vulnerability allows a use-after-free condition via redirecting the :display command to a clipboard register (* or +), which allows access to freed memory.", "issued": "2025-02-18T19:04:24Z", "links": "https://access.redhat.com/security/cve/CVE-2025-26603 https://bugzilla.redhat.com/show_bug.cgi?id=2346346 https://www.cve.org/CVERecord?id=CVE-2025-26603 https://nvd.nist.gov/vuln/detail/CVE-2025-26603 https://github.com/vim/vim/commit/c0f0e2380e5954f4a52a131bf6b8 https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-26603.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "51AFG0DZsinnAeQMziiY/g==": { "id": "51AFG0DZsinnAeQMziiY/g==", "updater": "rhel-vex", "name": "CVE-2022-2344", "description": "A heap-based buffer overflow was found in Vim in the ins_compl_add function in the insexpand.c file. This issue occurs due to a read past the end of a buffer when a specially crafted input is processed. This flaw allows an attacker who can trick a user into opening a specially crafted file into triggering the heap-based buffer overflow, causing the application to crash, possibly executing code and corrupting memory.", "issued": "2022-07-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2344 https://bugzilla.redhat.com/show_bug.cgi?id=2106787 https://www.cve.org/CVERecord?id=CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2344.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5AbLv21i0RwmCpiIbrPVrQ==": { "id": "5AbLv21i0RwmCpiIbrPVrQ==", "updater": "rhel-vex", "name": "CVE-2024-3651", "description": "A flaw was found in the python-idna library. A malicious argument was sent to the idna.encode() function can trigger an uncontrolled resource consumption, resulting in a denial of service.", "issued": "2024-04-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-3651 https://bugzilla.redhat.com/show_bug.cgi?id=2274779 https://www.cve.org/CVERecord?id=CVE-2024-3651 https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-3651.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5B1tQ2BK8z/YjRkYcvwqag==": { "id": "5B1tQ2BK8z/YjRkYcvwqag==", "updater": "rhel-vex", "name": "CVE-2019-19244", "description": "A flaw was found in the way SQLite handled certain types of SQL queries using DISTINCT, OVER and ORDER BY clauses. A remote attacker could exploit this flaw by providing a malicious SQL query that, when processed by an application linked to SQLite, would crash the application causing a denial of service.", "issued": "2019-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-19244 https://bugzilla.redhat.com/show_bug.cgi?id=1777945 https://www.cve.org/CVERecord?id=CVE-2019-19244 https://nvd.nist.gov/vuln/detail/CVE-2019-19244 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-19244.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5ZHvcDYhgzWjwNpRgF2u1w==": { "id": "5ZHvcDYhgzWjwNpRgF2u1w==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "5kVYfr7KmavVo0SEj/y25A==": { "id": "5kVYfr7KmavVo0SEj/y25A==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "673FKazcUiydbfN5c6amaw==": { "id": "673FKazcUiydbfN5c6amaw==", "updater": "rhel-vex", "name": "CVE-2020-19190", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19190 https://bugzilla.redhat.com/show_bug.cgi?id=2234923 https://www.cve.org/CVERecord?id=CVE-2020-19190 https://nvd.nist.gov/vuln/detail/CVE-2020-19190 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19190.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6Cqvzp5JbuVfHsuYnIJNFw==": { "id": "6Cqvzp5JbuVfHsuYnIJNFw==", "updater": "rhel-vex", "name": "CVE-2026-4438", "description": "A flaw was found in the GNU C library (glibc). When applications use the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.", "issued": "2026-03-20T19:59:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4438 https://bugzilla.redhat.com/show_bug.cgi?id=2449783 https://www.cve.org/CVERecord?id=CVE-2026-4438 https://nvd.nist.gov/vuln/detail/CVE-2026-4438 https://sourceware.org/bugzilla/show_bug.cgi?id=34015 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4438.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6FQUI3OxX4C5skWXKgq80Q==": { "id": "6FQUI3OxX4C5skWXKgq80Q==", "updater": "rhel-vex", "name": "CVE-2023-0464", "description": "A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial of service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or calling the X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/show_bug.cgi?id=2181082 https://www.cve.org/CVERecord?id=CVE-2023-0464 https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://www.openssl.org/news/secadv/20230322.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0464.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6No5yfLpdjKQAqBbObX62w==": { "id": "6No5yfLpdjKQAqBbObX62w==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6srDgOZ+YIS0FRZgw8H3dQ==": { "id": "6srDgOZ+YIS0FRZgw8H3dQ==", "updater": "rhel-vex", "name": "CVE-2025-12084", "description": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`", "issued": "2025-12-03T18:55:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12084 https://bugzilla.redhat.com/show_bug.cgi?id=2418655 https://www.cve.org/CVERecord?id=CVE-2025-12084 https://nvd.nist.gov/vuln/detail/CVE-2025-12084 https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12084.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "6uWKAOOhnCzOP66XzRNHpQ==": { "id": "6uWKAOOhnCzOP66XzRNHpQ==", "updater": "rhel-vex", "name": "CVE-2026-28418", "description": "A flaw was found in Vim. When processing a specially crafted Emacs-style tags file, a heap-based buffer overflow out-of-bounds read vulnerability allows an attacker to trick Vim into reading up to 7 bytes beyond its allocated memory boundary. This could lead to information disclosure or potentially affect the integrity of the application.", "issued": "2026-02-27T21:58:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28418 https://bugzilla.redhat.com/show_bug.cgi?id=2443481 https://www.cve.org/CVERecord?id=CVE-2026-28418 https://nvd.nist.gov/vuln/detail/CVE-2026-28418 https://github.com/vim/vim/commit/f6a7f469a9c0d09e84cd6cb https://github.com/vim/vim/releases/tag/v9.2.0074 https://github.com/vim/vim/security/advisories/GHSA-h4mf-vg97-hj8j https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28418.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7BqZ85Y0HqXnSt1eckMoLw==": { "id": "7BqZ85Y0HqXnSt1eckMoLw==", "updater": "rhel-vex", "name": "CVE-2026-4424", "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4424 https://bugzilla.redhat.com/show_bug.cgi?id=2449006 https://www.cve.org/CVERecord?id=CVE-2026-4424 https://nvd.nist.gov/vuln/detail/CVE-2026-4424 https://github.com/libarchive/libarchive/pull/2898 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4424.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7Kh5ggV/z2iWKQY4y4UFqA==": { "id": "7Kh5ggV/z2iWKQY4y4UFqA==", "updater": "rhel-vex", "name": "CVE-2022-2849", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.", "issued": "2022-08-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2849 https://bugzilla.redhat.com/show_bug.cgi?id=2122137 https://www.cve.org/CVERecord?id=CVE-2022-2849 https://nvd.nist.gov/vuln/detail/CVE-2022-2849 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2849.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7LR3Wvveuky1RC7umH2lpA==": { "id": "7LR3Wvveuky1RC7umH2lpA==", "updater": "rhel-vex", "name": "CVE-2025-12084", "description": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`", "issued": "2025-12-03T18:55:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12084 https://bugzilla.redhat.com/show_bug.cgi?id=2418655 https://www.cve.org/CVERecord?id=CVE-2025-12084 https://nvd.nist.gov/vuln/detail/CVE-2025-12084 https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12084.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7Puka2o1jq4jSr2Hekrfhg==": { "id": "7Puka2o1jq4jSr2Hekrfhg==", "updater": "rhel-vex", "name": "CVE-2026-1757", "description": "A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.", "issued": "2026-02-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1757 https://bugzilla.redhat.com/show_bug.cgi?id=2435940 https://www.cve.org/CVERecord?id=CVE-2026-1757 https://nvd.nist.gov/vuln/detail/CVE-2026-1757 https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1757.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7aapmz15/k/YqkvmoJ7SCQ==": { "id": "7aapmz15/k/YqkvmoJ7SCQ==", "updater": "rhel-vex", "name": "CVE-2025-5245", "description": "A denial-of-service vulnerability has been identified in GNU Binutils, affecting versions up to 2.44. The flaw resides within the debug_type_samep function in the /binutils/debug.c file of the objdump component. An attacker with local access can trigger a program crash by manipulating input data, leading to a denial of service for the objdump utility.", "issued": "2025-05-27T14:31:12Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5245 https://bugzilla.redhat.com/show_bug.cgi?id=2368771 https://www.cve.org/CVERecord?id=CVE-2025-5245 https://nvd.nist.gov/vuln/detail/CVE-2025-5245 https://sourceware.org/bugzilla/attachment.cgi?id=16004 https://sourceware.org/bugzilla/show_bug.cgi?id=32829 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a https://vuldb.com/?ctiid.310347 https://vuldb.com/?id.310347 https://vuldb.com/?submit.584635 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5245.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7ofrmUWHF/JaWIAozzwOXg==": { "id": "7ofrmUWHF/JaWIAozzwOXg==", "updater": "rhel-vex", "name": "CVE-2026-28422", "description": "A flaw was found in Vim, an open-source command-line text editor. A local user could exploit a stack-buffer-overflow vulnerability in the `build_stl_str_hl()` function by rendering a statusline with a multi-byte fill character on a very wide terminal. This could lead to an integrity impact, where data might be modified.", "issued": "2026-02-27T22:08:11Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28422 https://bugzilla.redhat.com/show_bug.cgi?id=2443475 https://www.cve.org/CVERecord?id=CVE-2026-28422 https://nvd.nist.gov/vuln/detail/CVE-2026-28422 https://github.com/vim/vim/commit/4e5b9e31cb7484ad156f https://github.com/vim/vim/releases/tag/v9.2.0078 https://github.com/vim/vim/security/advisories/GHSA-gmqx-prf2-8mwf https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28422.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "7s5ZfLjeeO29XXGVHOgzCw==": { "id": "7s5ZfLjeeO29XXGVHOgzCw==", "updater": "rhel-vex", "name": "CVE-2026-0990", "description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0990 https://bugzilla.redhat.com/show_bug.cgi?id=2429959 https://www.cve.org/CVERecord?id=CVE-2026-0990 https://nvd.nist.gov/vuln/detail/CVE-2026-0990 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0990.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "86unVXyTxdffdcXWZTYw5g==": { "id": "86unVXyTxdffdcXWZTYw5g==", "updater": "rhel-vex", "name": "CVE-2023-0465", "description": "A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/show_bug.cgi?id=2182561 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0465.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8D3i4K1ylUr5dGk9imV9zA==": { "id": "8D3i4K1ylUr5dGk9imV9zA==", "updater": "rhel-vex", "name": "CVE-2025-69420", "description": "A flaw was found in OpenSSL. A type confusion vulnerability exists in the TimeStamp Response verification code, where an ASN1_TYPE union member is accessed without proper type validation. A remote attacker can exploit this by providing a malformed TimeStamp Response to an application that verifies timestamp responses. This can lead to an invalid or NULL pointer dereference, resulting in a Denial of Service (DoS) due to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69420 https://bugzilla.redhat.com/show_bug.cgi?id=2430388 https://www.cve.org/CVERecord?id=CVE-2025-69420 https://nvd.nist.gov/vuln/detail/CVE-2025-69420 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69420.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8I2jFG8JRR+6+eqqYlXhAg==": { "id": "8I2jFG8JRR+6+eqqYlXhAg==", "updater": "rhel-vex", "name": "CVE-2018-20225", "description": "A vulnerability was found in python-pip due to a flaw in the --extra-index-url option, where it installs the version with the highest version number, even if the user intended to obtain a private package from a private index. Exploitation requires that the package does not already exist in the public index, allowing an attacker to place the package there with an arbitrary version number.", "issued": "2020-04-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20225 https://bugzilla.redhat.com/show_bug.cgi?id=1835736 https://www.cve.org/CVERecord?id=CVE-2018-20225 https://nvd.nist.gov/vuln/detail/CVE-2018-20225 https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20225.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8NzOQ06ZOWB4dGF1caLaqw==": { "id": "8NzOQ06ZOWB4dGF1caLaqw==", "updater": "rhel-vex", "name": "CVE-2022-0351", "description": "A flaw was found in vim. The vulnerability occurs due to too many recursions, which can lead to a segmentation fault. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution.", "issued": "2022-01-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0351 https://bugzilla.redhat.com/show_bug.cgi?id=2046436 https://www.cve.org/CVERecord?id=CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0351.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8Sec+JvKiQWGqYCOBdZhjg==": { "id": "8Sec+JvKiQWGqYCOBdZhjg==", "updater": "rhel-vex", "name": "CVE-2025-5918", "description": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5918 https://bugzilla.redhat.com/show_bug.cgi?id=2370877 https://www.cve.org/CVERecord?id=CVE-2025-5918 https://nvd.nist.gov/vuln/detail/CVE-2025-5918 https://github.com/libarchive/libarchive/pull/2584 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5918.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZxbhBIT+9Mj99/XbMpLSQ==": { "id": "8ZxbhBIT+9Mj99/XbMpLSQ==", "updater": "rhel-vex", "name": "CVE-2024-0232", "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "issued": "2023-10-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0232 https://bugzilla.redhat.com/show_bug.cgi?id=2243754 https://www.cve.org/CVERecord?id=CVE-2024-0232 https://nvd.nist.gov/vuln/detail/CVE-2024-0232 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0232.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8ZyKfU1iRX/ALcBXZw5gzg==": { "id": "8ZyKfU1iRX/ALcBXZw5gzg==", "updater": "rhel-vex", "name": "CVE-2026-3442", "description": "A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.", "issued": "2026-03-02T11:11:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3442 https://bugzilla.redhat.com/show_bug.cgi?id=2443828 https://www.cve.org/CVERecord?id=CVE-2026-3442 https://nvd.nist.gov/vuln/detail/CVE-2026-3442 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3442.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8eAn4NQQeDd2Rw8yk+dKxQ==": { "id": "8eAn4NQQeDd2Rw8yk+dKxQ==", "updater": "rhel-vex", "name": "CVE-2025-62813", "description": "No description is available for this CVE.", "issued": "2025-10-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-62813 https://bugzilla.redhat.com/show_bug.cgi?id=2405977 https://www.cve.org/CVERecord?id=CVE-2025-62813 https://nvd.nist.gov/vuln/detail/CVE-2025-62813 https://github.com/lz4/lz4/commit/f64efec011c058bd70348576438abac222fe6c82 https://github.com/lz4/lz4/pull/1593 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-62813.json", "severity": "Unknown", "normalized_severity": "Unknown", "package": { "id": "", "name": "lz4", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8qOJVWAut1+UqTXPOWH12g==": { "id": "8qOJVWAut1+UqTXPOWH12g==", "updater": "rhel-vex", "name": "CVE-2025-8291", "description": "A zip file handling flaw has been discovered in the python standard library `zipfile` module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations.", "issued": "2025-10-07T18:10:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8291 https://bugzilla.redhat.com/show_bug.cgi?id=2402342 https://www.cve.org/CVERecord?id=CVE-2025-8291 https://nvd.nist.gov/vuln/detail/CVE-2025-8291 https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 https://github.com/python/cpython/issues/139700 https://github.com/python/cpython/pull/139702 https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8291.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rvqTFlh9aOz4UvxQN0SBQ==": { "id": "8rvqTFlh9aOz4UvxQN0SBQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "8rxYDEPu2XxazQ3cBUhX0Q==": { "id": "8rxYDEPu2XxazQ3cBUhX0Q==", "updater": "rhel-vex", "name": "CVE-2019-9923", "description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", "issued": "2019-01-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9923 https://bugzilla.redhat.com/show_bug.cgi?id=1691764 https://www.cve.org/CVERecord?id=CVE-2019-9923 https://nvd.nist.gov/vuln/detail/CVE-2019-9923 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9923.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "92KuvWwbPhsQNPu0knrHAQ==": { "id": "92KuvWwbPhsQNPu0knrHAQ==", "updater": "rhel-vex", "name": "CVE-2025-6170", "description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "issued": "2025-06-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6170 https://bugzilla.redhat.com/show_bug.cgi?id=2372952 https://www.cve.org/CVERecord?id=CVE-2025-6170 https://nvd.nist.gov/vuln/detail/CVE-2025-6170 https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6170.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "97PwDrD8knMveLXwKCvQjA==": { "id": "97PwDrD8knMveLXwKCvQjA==", "updater": "rhel-vex", "name": "CVE-2026-22795", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a Denial of Service (DoS) by tricking a user or application into processing a maliciously crafted PKCS#12 (Personal Information Exchange Syntax Standard) file. The vulnerability leads to an invalid or NULL pointer dereference, resulting in an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22795 https://bugzilla.redhat.com/show_bug.cgi?id=2430389 https://www.cve.org/CVERecord?id=CVE-2026-22795 https://nvd.nist.gov/vuln/detail/CVE-2026-22795 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22795.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9eDj3xAYS0YvRWNm2Itp6g==": { "id": "9eDj3xAYS0YvRWNm2Itp6g==", "updater": "rhel-vex", "name": "CVE-2023-48232", "description": "A flaw was found in Vim, an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines when smooth scrolling is enabled and the cpo-settings include the 'n' flag. This issue may occur when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48232 https://bugzilla.redhat.com/show_bug.cgi?id=2250269 https://www.cve.org/CVERecord?id=CVE-2023-48232 https://nvd.nist.gov/vuln/detail/CVE-2023-48232 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48232.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9uK7ZDYgFtqP786n0QunAg==": { "id": "9uK7ZDYgFtqP786n0QunAg==", "updater": "rhel-vex", "name": "CVE-2023-39804", "description": "A flaw was found in tar. This issue occurs when extended attributes are processed in PAX archives, and could allow an attacker to cause an application crash, resulting in a denial of service.", "issued": "2023-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-39804 https://bugzilla.redhat.com/show_bug.cgi?id=2254067 https://www.cve.org/CVERecord?id=CVE-2023-39804 https://nvd.nist.gov/vuln/detail/CVE-2023-39804 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-39804.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "9zRC9UwUH2bQs1UcHQ5UTQ==": { "id": "9zRC9UwUH2bQs1UcHQ5UTQ==", "updater": "rhel-vex", "name": "CVE-2019-9937", "description": "In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9937 https://bugzilla.redhat.com/show_bug.cgi?id=1692357 https://www.cve.org/CVERecord?id=CVE-2019-9937 https://nvd.nist.gov/vuln/detail/CVE-2019-9937 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9937.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AE8Cp1u8I9t52OYW7oGU4w==": { "id": "AE8Cp1u8I9t52OYW7oGU4w==", "updater": "rhel-vex", "name": "CVE-2024-57970", "description": "A flaw was found in the libarchive library. A specially-crafted tar file may trigger a head-based buffer over-read condition due to incorrect handling of truncation in the middle of a long GNU linkname. This issue can cause an application crash leading to a denial of service.", "issued": "2025-02-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-57970 https://bugzilla.redhat.com/show_bug.cgi?id=2345954 https://www.cve.org/CVERecord?id=CVE-2024-57970 https://nvd.nist.gov/vuln/detail/CVE-2024-57970 https://github.com/libarchive/libarchive/issues/2415 https://github.com/libarchive/libarchive/pull/2422 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-57970.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ASsR3uc++wGMpVPI6Ty/CQ==": { "id": "ASsR3uc++wGMpVPI6Ty/CQ==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AVN8GsOv8a1FshuHMOCEFQ==": { "id": "AVN8GsOv8a1FshuHMOCEFQ==", "updater": "rhel-vex", "name": "CVE-2023-5441", "description": "A NULL pointer dereference vulnerability was found in Vim. This flaw allows an attacker who can trick a user into processing a specially crafted file to trigger the NULL pointer dereference, causing the application to crash.", "issued": "2023-10-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5441 https://bugzilla.redhat.com/show_bug.cgi?id=2242926 https://www.cve.org/CVERecord?id=CVE-2023-5441 https://nvd.nist.gov/vuln/detail/CVE-2023-5441 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5441.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AZQ9MHTiNLYiRU7sYZlVGw==": { "id": "AZQ9MHTiNLYiRU7sYZlVGw==", "updater": "rhel-vex", "name": "CVE-2022-4899", "description": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.", "issued": "2022-07-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4899 https://bugzilla.redhat.com/show_bug.cgi?id=2179864 https://www.cve.org/CVERecord?id=CVE-2022-4899 https://nvd.nist.gov/vuln/detail/CVE-2022-4899 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4899.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "AhAaKQm9f+CHHYES49vDJA==": { "id": "AhAaKQm9f+CHHYES49vDJA==", "updater": "rhel-vex", "name": "CVE-2026-3441", "description": "A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.", "issued": "2026-03-02T11:11:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3441 https://bugzilla.redhat.com/show_bug.cgi?id=2443826 https://www.cve.org/CVERecord?id=CVE-2026-3441 https://nvd.nist.gov/vuln/detail/CVE-2026-3441 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3441.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BDHNuXowfbvClBvOFyafuw==": { "id": "BDHNuXowfbvClBvOFyafuw==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BaCEAnApXB2nG8bNgZYh8A==": { "id": "BaCEAnApXB2nG8bNgZYh8A==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "BooDzA4nzaDI1l3E5zAHgg==": { "id": "BooDzA4nzaDI1l3E5zAHgg==", "updater": "rhel-vex", "name": "CVE-2021-3997", "description": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.", "issued": "2022-01-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://www.cve.org/CVERecord?id=CVE-2021-3997 https://nvd.nist.gov/vuln/detail/CVE-2021-3997 https://www.openwall.com/lists/oss-security/2022/01/10/2 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3997.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "CcA4hbnNxCLZFO+JaXimTA==": { "id": "CcA4hbnNxCLZFO+JaXimTA==", "updater": "rhel-vex", "name": "CVE-2026-0965", "description": "No description is available for this CVE.", "issued": "2026-02-10T18:47:22Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0965 https://bugzilla.redhat.com/show_bug.cgi?id=2436980 https://www.cve.org/CVERecord?id=CVE-2026-0965 https://nvd.nist.gov/vuln/detail/CVE-2026-0965 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0965.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Cggnnfz5Wzg9ATdQxbGmzA==": { "id": "Cggnnfz5Wzg9ATdQxbGmzA==", "updater": "rhel-vex", "name": "CVE-2025-69646", "description": "A flaw was found in binutils. A local attacker can exploit this vulnerability by supplying a malicious input file containing malformed DWARF debug_rnglists data. This can cause the objdump tool to enter an unbounded logging loop, leading to excessive CPU and I/O usage and preventing analysis completion. This issue results in a Denial of Service (DoS).", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69646 https://bugzilla.redhat.com/show_bug.cgi?id=2445264 https://www.cve.org/CVERecord?id=CVE-2025-69646 https://nvd.nist.gov/vuln/detail/CVE-2025-69646 https://sourceware.org/bugzilla/show_bug.cgi?id=33638 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=598704a00cbac5e85c2bedd363357b5bf6fcee33 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69646.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "CmyRue/WkBX1Qz85wfQgsw==": { "id": "CmyRue/WkBX1Qz85wfQgsw==", "updater": "rhel-vex", "name": "CVE-2026-33412", "description": "A flaw was found in Vim. By including a newline character in a pattern passed to Vim's glob() function, an attacker may be able to execute arbitrary shell commands. This command injection vulnerability allows for arbitrary code execution, depending on the user's shell settings.", "issued": "2026-03-24T19:43:07Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33412 https://bugzilla.redhat.com/show_bug.cgi?id=2450907 https://www.cve.org/CVERecord?id=CVE-2026-33412 https://nvd.nist.gov/vuln/detail/CVE-2026-33412 https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a https://github.com/vim/vim/releases/tag/v9.2.0202 https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33412.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "High", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "CvjRL5Vt6iKO3rAxTsWlRA==": { "id": "CvjRL5Vt6iKO3rAxTsWlRA==", "updater": "rhel-vex", "name": "CVE-2023-4738", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.", "issued": "2023-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4738 https://bugzilla.redhat.com/show_bug.cgi?id=2237176 https://www.cve.org/CVERecord?id=CVE-2023-4738 https://nvd.nist.gov/vuln/detail/CVE-2023-4738 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4738.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DCJWTSOK+NcIJh77NAV0Tg==": { "id": "DCJWTSOK+NcIJh77NAV0Tg==", "updater": "rhel-vex", "name": "CVE-2025-69651", "description": "A flaw was found in binutils. An attacker could exploit this vulnerability by providing a crafted Executable and Linkable Format (ELF) binary with malformed relocation or symbol data. Processing this malicious binary leads to an invalid pointer free, which triggers memory corruption checks and causes the program to terminate.", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69651 https://bugzilla.redhat.com/show_bug.cgi?id=2445299 https://www.cve.org/CVERecord?id=CVE-2025-69651 https://nvd.nist.gov/vuln/detail/CVE-2025-69651 https://sourceware.org/bugzilla/show_bug.cgi?id=33700 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4bc025abdba85a90e26e13f551c16a44bfa921 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69651.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DDWmqlxBSfXi2KJJ5mwTNg==": { "id": "DDWmqlxBSfXi2KJJ5mwTNg==", "updater": "rhel-vex", "name": "CVE-2025-60753", "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", "issued": "2025-11-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-60753 https://bugzilla.redhat.com/show_bug.cgi?id=2412648 https://www.cve.org/CVERecord?id=CVE-2025-60753 https://nvd.nist.gov/vuln/detail/CVE-2025-60753 https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753 https://github.com/libarchive/libarchive/issues/2725 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-60753.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DPVx3CfY6Y1/Hy5jae1w0Q==": { "id": "DPVx3CfY6Y1/Hy5jae1w0Q==", "updater": "rhel-vex", "name": "CVE-2023-4733", "description": "A flaw was found in Vim, where it is vulnerable to a use-after-free in the buflist_altfpos function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim.", "issued": "2023-09-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4733 https://bugzilla.redhat.com/show_bug.cgi?id=2237315 https://www.cve.org/CVERecord?id=CVE-2023-4733 https://nvd.nist.gov/vuln/detail/CVE-2023-4733 https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4733.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "DW/4SK9Xjx4oTESW12y3sw==": { "id": "DW/4SK9Xjx4oTESW12y3sw==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EKs36DFwHVCzU/cF0Be9pQ==": { "id": "EKs36DFwHVCzU/cF0Be9pQ==", "updater": "rhel-vex", "name": "CVE-2023-29499", "description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-29499 https://bugzilla.redhat.com/show_bug.cgi?id=2211828 https://www.cve.org/CVERecord?id=CVE-2023-29499 https://nvd.nist.gov/vuln/detail/CVE-2023-29499 https://gitlab.gnome.org/GNOME/glib/-/issues/2794 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-29499.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EQ4eP3gKo3y8JsWUiWr6+g==": { "id": "EQ4eP3gKo3y8JsWUiWr6+g==", "updater": "rhel-vex", "name": "CVE-2018-1000880", "description": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.", "issued": "2018-11-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000880 https://bugzilla.redhat.com/show_bug.cgi?id=1663892 https://www.cve.org/CVERecord?id=CVE-2018-1000880 https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000880.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiJx6rOT8KoLX+Wu7/N6HQ==": { "id": "EiJx6rOT8KoLX+Wu7/N6HQ==", "updater": "rhel-vex", "name": "CVE-2025-27113", "description": "A flaw was found in libxml2. This vulnerability allows a NULL pointer dereference, leading to a potential crash or denial of service via a crafted XML pattern.", "issued": "2025-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-27113 https://bugzilla.redhat.com/show_bug.cgi?id=2346410 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-27113.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EiL50P2QSOoRA18XAAH6Pg==": { "id": "EiL50P2QSOoRA18XAAH6Pg==", "updater": "rhel-vex", "name": "CVE-2023-32665", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32665 https://bugzilla.redhat.com/show_bug.cgi?id=2211827 https://www.cve.org/CVERecord?id=CVE-2023-32665 https://nvd.nist.gov/vuln/detail/CVE-2023-32665 https://gitlab.gnome.org/GNOME/glib/-/issues/2121 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32665.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ElIjMFAz33tt/XVMysRkdA==": { "id": "ElIjMFAz33tt/XVMysRkdA==", "updater": "rhel-vex", "name": "CVE-2026-0988", "description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0988 https://bugzilla.redhat.com/show_bug.cgi?id=2429886 https://www.cve.org/CVERecord?id=CVE-2026-0988 https://nvd.nist.gov/vuln/detail/CVE-2026-0988 https://gitlab.gnome.org/GNOME/glib/-/issues/3851 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0988.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "EsiiaRDqHnT4qMA0SyLf7g==": { "id": "EsiiaRDqHnT4qMA0SyLf7g==", "updater": "rhel-vex", "name": "CVE-2022-2210", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2210 https://bugzilla.redhat.com/show_bug.cgi?id=2102177 https://www.cve.org/CVERecord?id=CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2210.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "F3w1LQu9kIztJMqZd4X5wA==": { "id": "F3w1LQu9kIztJMqZd4X5wA==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "FcCCWzjx2/VQlGmMszSY2A==": { "id": "FcCCWzjx2/VQlGmMszSY2A==", "updater": "rhel-vex", "name": "CVE-2022-2345", "description": "A use-after-free vulnerability was found in Vim in the skipwhite function in the charset.c file. This issue occurs because an already freed memory is used when a specially crafted input is processed. This flaw allows an attacker who can trick a user into opening a specially crafted file into triggering the use-after-free, and cause the application to crash, possibly executing code and corrupting memory.", "issued": "2022-07-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2345 https://bugzilla.redhat.com/show_bug.cgi?id=2106775 https://www.cve.org/CVERecord?id=CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2345.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Fp999hDC/lucBsNHwOlp/A==": { "id": "Fp999hDC/lucBsNHwOlp/A==", "updater": "rhel-vex", "name": "CVE-2024-13176", "description": "A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected.", "issued": "2025-01-20T13:29:57Z", "links": "https://access.redhat.com/security/cve/CVE-2024-13176 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-13176.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "G7IyfoPhe9f8QzIGbOfn7Q==": { "id": "G7IyfoPhe9f8QzIGbOfn7Q==", "updater": "rhel-vex", "name": "CVE-2023-45322", "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "issued": "2023-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45322 https://bugzilla.redhat.com/show_bug.cgi?id=2242945 https://www.cve.org/CVERecord?id=CVE-2023-45322 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45322.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "H2CablNBrQ/I5AsUjk5xyw==": { "id": "H2CablNBrQ/I5AsUjk5xyw==", "updater": "rhel-vex", "name": "CVE-2018-20839", "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.", "issued": "2019-05-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20839 https://bugzilla.redhat.com/show_bug.cgi?id=1716955 https://www.cve.org/CVERecord?id=CVE-2018-20839 https://nvd.nist.gov/vuln/detail/CVE-2018-20839 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20839.json", "severity": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HB9r/GLycEmk6aXttwtBlw==": { "id": "HB9r/GLycEmk6aXttwtBlw==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HGLU1ajDNBbTQE08Dx2bTA==": { "id": "HGLU1ajDNBbTQE08Dx2bTA==", "updater": "rhel-vex", "name": "CVE-2022-3296", "description": "A stack-based buffer overflow vulnerability was found in vim's ex_finally() function of the src/ex_eval.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a bug that causes an application to crash, possibly executing code and corrupting memory.", "issued": "2022-09-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3296 https://bugzilla.redhat.com/show_bug.cgi?id=2129835 https://www.cve.org/CVERecord?id=CVE-2022-3296 https://nvd.nist.gov/vuln/detail/CVE-2022-3296 https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3296.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HKC5OmG9MqL8R48yLMM6fA==": { "id": "HKC5OmG9MqL8R48yLMM6fA==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HKrLnQyTw1292mNt3MQ0aQ==": { "id": "HKrLnQyTw1292mNt3MQ0aQ==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HNpGGr9eP5twQKC3yCh1mA==": { "id": "HNpGGr9eP5twQKC3yCh1mA==", "updater": "rhel-vex", "name": "CVE-2025-5915", "description": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://www.cve.org/CVERecord?id=CVE-2025-5915 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5915.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HTk+AAyRWNCrZTtBLx34Aw==": { "id": "HTk+AAyRWNCrZTtBLx34Aw==", "updater": "rhel-vex", "name": "CVE-2024-25260", "description": "A NULL pointer dereference vulnerability in the elfutils library has been discovered. This vulnerability occurs within the handle_verdef() function in the readelf.c source file. A NULL pointer dereference typically happens when a program attempts to access memory using a pointer that is not pointing anywhere (i.e., it's NULL), leading to a crash or potentially exploitable behavior.", "issued": "2024-02-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-25260 https://bugzilla.redhat.com/show_bug.cgi?id=2265194 https://www.cve.org/CVERecord?id=CVE-2024-25260 https://nvd.nist.gov/vuln/detail/CVE-2024-25260 https://github.com/schsiung/fuzzer_issues/issues/1 https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/elfutils/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-25260.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "elfutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuLJLN6ajygY/CpLyzV5lw==": { "id": "HuLJLN6ajygY/CpLyzV5lw==", "updater": "rhel-vex", "name": "CVE-2023-45803", "description": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.", "issued": "2023-10-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-45803 https://bugzilla.redhat.com/show_bug.cgi?id=2246840 https://www.cve.org/CVERecord?id=CVE-2023-45803 https://nvd.nist.gov/vuln/detail/CVE-2023-45803 https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 https://www.rfc-editor.org/rfc/rfc9110.html#name-get https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-45803.json", "severity": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HuOxI+pWjgGV0XsBvltzlg==": { "id": "HuOxI+pWjgGV0XsBvltzlg==", "updater": "rhel-vex", "name": "CVE-2020-19187", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19187 https://bugzilla.redhat.com/show_bug.cgi?id=2234911 https://www.cve.org/CVERecord?id=CVE-2020-19187 https://nvd.nist.gov/vuln/detail/CVE-2020-19187 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19187.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "HvAQAThranK/gZBKAMXIlQ==": { "id": "HvAQAThranK/gZBKAMXIlQ==", "updater": "rhel-vex", "name": "CVE-2022-2129", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2129 https://bugzilla.redhat.com/show_bug.cgi?id=2099586 https://www.cve.org/CVERecord?id=CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2129.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "I5AcHDwdqjNXYrX5U6Xd+Q==": { "id": "I5AcHDwdqjNXYrX5U6Xd+Q==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IItHEdPWz5fl9O7ZhzjDAA==": { "id": "IItHEdPWz5fl9O7ZhzjDAA==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IKGCixrMtEsf6YEORF/lZQ==": { "id": "IKGCixrMtEsf6YEORF/lZQ==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "IeBTzkrNIMGYDHelqBwwcw==": { "id": "IeBTzkrNIMGYDHelqBwwcw==", "updater": "rhel-vex", "name": "CVE-2023-1127", "description": "A flaw was found in Vim. A division by zero in the scrolldown function may lead to a denial of service, modified memory, and possibly remote execution.", "issued": "2023-03-01T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1127 https://bugzilla.redhat.com/show_bug.cgi?id=2174662 https://www.cve.org/CVERecord?id=CVE-2023-1127 https://nvd.nist.gov/vuln/detail/CVE-2023-1127 https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1127.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Iqou63Nn3CjFju1fFGg5Gw==": { "id": "Iqou63Nn3CjFju1fFGg5Gw==", "updater": "rhel-vex", "name": "CVE-2022-3705", "description": "A use-after-free flaw was found in the qf_update_buffer function in vim. This issue allows a specially crafted file to crash a program, use unexpected values, or execute code.", "issued": "2022-10-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3705 https://bugzilla.redhat.com/show_bug.cgi?id=2139086 https://www.cve.org/CVERecord?id=CVE-2022-3705 https://nvd.nist.gov/vuln/detail/CVE-2022-3705 https://vuldb.com/?id.212324 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3705.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "JOmMpFFsgsXa+1a+3dXgUw==": { "id": "JOmMpFFsgsXa+1a+3dXgUw==", "updater": "rhel-vex", "name": "CVE-2022-47011", "description": "A memory leak flaw was found in binutils. This flaw allows an attacker to use a set of steps to trigger a memory leak and perform a denial of service, resulting in a loss of the system's availability.", "issued": "2022-06-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-47011 https://bugzilla.redhat.com/show_bug.cgi?id=2233992 https://www.cve.org/CVERecord?id=CVE-2022-47011 https://nvd.nist.gov/vuln/detail/CVE-2022-47011 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-47011.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "JPMWR4OeAHyWFf3Dg2jJaA==": { "id": "JPMWR4OeAHyWFf3Dg2jJaA==", "updater": "rhel-vex", "name": "CVE-2025-11414", "description": "A flaw was found in binutils. Processing a specially crafted object file with the ld linker can trigger an out-of-bounds read in the get_link_hash_entry function in the bfd/elflink.c file due to an improper check, causing a crash and resulting in a denial of service.", "issued": "2025-10-07T22:32:07Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11414 https://bugzilla.redhat.com/show_bug.cgi?id=2402424 https://www.cve.org/CVERecord?id=CVE-2025-11414 https://nvd.nist.gov/vuln/detail/CVE-2025-11414 https://sourceware.org/bugzilla/show_bug.cgi?id=33450 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aeaaa9af6359c8e394ce9cf24911fec4f4d23703 https://vuldb.com/?id.327350 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11414.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "JkfL4zTu19bPyxWl/9w1/g==": { "id": "JkfL4zTu19bPyxWl/9w1/g==", "updater": "rhel-vex", "name": "CVE-2025-3198", "description": "A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.", "issued": "2025-04-04T01:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3198 https://bugzilla.redhat.com/show_bug.cgi?id=2357358 https://www.cve.org/CVERecord?id=CVE-2025-3198 https://nvd.nist.gov/vuln/detail/CVE-2025-3198 https://sourceware.org/bugzilla/show_bug.cgi?id=32716 https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d https://vuldb.com/?ctiid.303151 https://vuldb.com/?id.303151 https://vuldb.com/?submit.545773 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3198.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KI3wu46QST5Yt6mx2sKmLg==": { "id": "KI3wu46QST5Yt6mx2sKmLg==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KNzZYG1QHglBEh6yFYGXlA==": { "id": "KNzZYG1QHglBEh6yFYGXlA==", "updater": "rhel-vex", "name": "CVE-2025-1215", "description": "A flaw was found in Vim. A local user may be able to trigger memory corruption by using the `--log` option with a non-existent path, which can lead to an application crash or other undefined behavior.", "issued": "2025-02-12T18:31:06Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1215 https://bugzilla.redhat.com/show_bug.cgi?id=2345318 https://www.cve.org/CVERecord?id=CVE-2025-1215 https://nvd.nist.gov/vuln/detail/CVE-2025-1215 https://github.com/vim/vim/commit/c5654b84480822817bb7b69ebc97c174c91185e9 https://github.com/vim/vim/issues/16606 https://github.com/vim/vim/releases/tag/v9.1.1097 https://vuldb.com/?ctiid.295174 https://vuldb.com/?id.295174 https://vuldb.com/?submit.497546 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1215.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "KaROgE0QmtiOixMG9Wi1RA==": { "id": "KaROgE0QmtiOixMG9Wi1RA==", "updater": "rhel-vex", "name": "CVE-2023-32636", "description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32636 https://bugzilla.redhat.com/show_bug.cgi?id=2211833 https://www.cve.org/CVERecord?id=CVE-2023-32636 https://nvd.nist.gov/vuln/detail/CVE-2023-32636 https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835 https://gitlab.gnome.org/GNOME/glib/-/issues/2841 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32636.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L+OsSQwlzLxq3WjvQ9tY6g==": { "id": "L+OsSQwlzLxq3WjvQ9tY6g==", "updater": "rhel-vex", "name": "CVE-2025-1152", "description": "A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior.", "issued": "2025-02-10T18:00:09Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1152 https://bugzilla.redhat.com/show_bug.cgi?id=2344723 https://www.cve.org/CVERecord?id=CVE-2025-1152 https://nvd.nist.gov/vuln/detail/CVE-2025-1152 https://sourceware.org/bugzilla/attachment.cgi?id=15887 https://sourceware.org/bugzilla/show_bug.cgi?id=32576 https://vuldb.com/?ctiid.295056 https://vuldb.com/?id.295056 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1152.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L/NPj/F6GL+hQBcinpdSCw==": { "id": "L/NPj/F6GL+hQBcinpdSCw==", "updater": "rhel-vex", "name": "CVE-2026-28417", "description": "A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system (OS) command injection vulnerability exists in the `netrw` standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the `scp://` protocol handler. Successful exploitation allows the attacker to execute arbitrary shell commands with the same privileges as the Vim process, leading to potential system compromise.", "issued": "2026-02-27T21:54:35Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28417 https://bugzilla.redhat.com/show_bug.cgi?id=2443455 https://www.cve.org/CVERecord?id=CVE-2026-28417 https://nvd.nist.gov/vuln/detail/CVE-2026-28417 https://github.com/vim/vim/commit/79348dbbc09332130f4c860 https://github.com/vim/vim/releases/tag/v9.2.0073 https://github.com/vim/vim/security/advisories/GHSA-m3xh-9434-g336 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28417.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "L3k0cIIlkMGQFiWnZm8Mlg==": { "id": "L3k0cIIlkMGQFiWnZm8Mlg==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LOJuHEJYOJa8Zdw16qUEbQ==": { "id": "LOJuHEJYOJa8Zdw16qUEbQ==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "LUv9IT9UKLOPh/lo0L/z2A==": { "id": "LUv9IT9UKLOPh/lo0L/z2A==", "updater": "rhel-vex", "name": "CVE-2026-4111", "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.", "issued": "2026-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://www.cve.org/CVERecord?id=CVE-2026-4111 https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://github.com/libarchive/libarchive/pull/2877 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4111.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Lr7APYpoHx1Gcopp0lkBGQ==": { "id": "Lr7APYpoHx1Gcopp0lkBGQ==", "updater": "rhel-vex", "name": "CVE-2019-14250", "description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", "issued": "2019-08-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-14250 https://bugzilla.redhat.com/show_bug.cgi?id=1739490 https://www.cve.org/CVERecord?id=CVE-2019-14250 https://nvd.nist.gov/vuln/detail/CVE-2019-14250 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-14250.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Lt2Hg7sVYgz0GD7ldFmjjA==": { "id": "Lt2Hg7sVYgz0GD7ldFmjjA==", "updater": "rhel-vex", "name": "CVE-2026-32777", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition (DTD) content. This could lead to an infinite loop during parsing, resulting in a Denial of Service (DoS) for the application using libexpat.", "issued": "2026-03-16T06:58:06Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32777 https://bugzilla.redhat.com/show_bug.cgi?id=2447890 https://www.cve.org/CVERecord?id=CVE-2026-32777 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32777.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "M2K8uKmhLKONQLUJ7T8K4A==": { "id": "M2K8uKmhLKONQLUJ7T8K4A==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MEg0AwIv/OJJHh+ITUIgUA==": { "id": "MEg0AwIv/OJJHh+ITUIgUA==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "MRnBR1NwPejsF0F/Po53Ew==": { "id": "MRnBR1NwPejsF0F/Po53Ew==", "updater": "rhel-vex", "name": "CVE-2019-8905", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.", "issued": "2019-02-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8905 https://bugzilla.redhat.com/show_bug.cgi?id=1679181 https://www.cve.org/CVERecord?id=CVE-2019-8905 https://nvd.nist.gov/vuln/detail/CVE-2019-8905 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8905.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "NDM7PAlxc6PY84xuHZUHaw==": { "id": "NDM7PAlxc6PY84xuHZUHaw==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "NSfENcXaS5J2JOnnjb5pHQ==": { "id": "NSfENcXaS5J2JOnnjb5pHQ==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O3w5rL20hshUUEC8mHo7ww==": { "id": "O3w5rL20hshUUEC8mHo7ww==", "updater": "rhel-vex", "name": "CVE-2025-11839", "description": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks.", "issued": "2025-10-16T14:02:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11839 https://bugzilla.redhat.com/show_bug.cgi?id=2404439 https://www.cve.org/CVERecord?id=CVE-2025-11839 https://nvd.nist.gov/vuln/detail/CVE-2025-11839 https://sourceware.org/bugzilla/attachment.cgi?id=16344 https://sourceware.org/bugzilla/show_bug.cgi?id=33448 https://vuldb.com/?ctiid.328774 https://vuldb.com/?id.328774 https://vuldb.com/?submit.661279 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11839.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O6eQrDqYe8zCvECWFMIzFQ==": { "id": "O6eQrDqYe8zCvECWFMIzFQ==", "updater": "rhel-vex", "name": "CVE-2019-8906", "description": "do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.", "issued": "2019-01-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-8906 https://bugzilla.redhat.com/show_bug.cgi?id=1679175 https://www.cve.org/CVERecord?id=CVE-2019-8906 https://nvd.nist.gov/vuln/detail/CVE-2019-8906 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-8906.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "file", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "O8fIVXqcGshIonMWsEH9gA==": { "id": "O8fIVXqcGshIonMWsEH9gA==", "updater": "rhel-vex", "name": "CVE-2025-5916", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://www.cve.org/CVERecord?id=CVE-2025-5916 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5916.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OFdQC3/0S5rItoyqpACTFw==": { "id": "OFdQC3/0S5rItoyqpACTFw==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OImuQ4u5D1zXYGJgGxZUqA==": { "id": "OImuQ4u5D1zXYGJgGxZUqA==", "updater": "rhel-vex", "name": "CVE-2023-48234", "description": "A flaw was found in Vim, an open source command line text editor. When getting the count for a normal mode z command, it may overflow if large counts are given. The impact is low because user interaction is required and a crash may not happen in all situations.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48234 https://bugzilla.redhat.com/show_bug.cgi?id=2250271 https://www.cve.org/CVERecord?id=CVE-2023-48234 https://nvd.nist.gov/vuln/detail/CVE-2023-48234 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/58f9befca1fa172068effad7f2ea5a9d6a7b0cca https://github.com/vim/vim/security/advisories/GHSA-59gw-c949-6phq https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48234.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OLKvdPVgT9/lPcflJTxE3Q==": { "id": "OLKvdPVgT9/lPcflJTxE3Q==", "updater": "rhel-vex", "name": "CVE-2025-68160", "description": "A flaw was found in OpenSSL. This vulnerability involves an out-of-bounds write in the line-buffering BIO filter, which can lead to memory corruption. While exploitation is unlikely to be under direct attacker control, a successful attack could cause an application to crash, resulting in a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-68160 https://bugzilla.redhat.com/show_bug.cgi?id=2430380 https://www.cve.org/CVERecord?id=CVE-2025-68160 https://nvd.nist.gov/vuln/detail/CVE-2025-68160 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68160.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OPNDKUsVLJt2v1gO1zvkBA==": { "id": "OPNDKUsVLJt2v1gO1zvkBA==", "updater": "rhel-vex", "name": "CVE-2025-1632", "description": "A flaw was found in the bsdunzip utility of libarchive. In affected versions, a specially crafted file may trigger a null pointer dereference. This issue can lead to an application crash or other unexpected behavior. This bug does not compromise the integrity or availability of the base system.", "issued": "2025-02-24T13:31:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1632 https://bugzilla.redhat.com/show_bug.cgi?id=2347309 https://www.cve.org/CVERecord?id=CVE-2025-1632 https://nvd.nist.gov/vuln/detail/CVE-2025-1632 https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc https://vuldb.com/?ctiid.296619 https://vuldb.com/?id.296619 https://vuldb.com/?submit.496460 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1632.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OWS4rb8siWCzvYT9F1I76A==": { "id": "OWS4rb8siWCzvYT9F1I76A==", "updater": "rhel-vex", "name": "CVE-2025-7039", "description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "issued": "2025-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-7039 https://bugzilla.redhat.com/show_bug.cgi?id=2392423 https://www.cve.org/CVERecord?id=CVE-2025-7039 https://nvd.nist.gov/vuln/detail/CVE-2025-7039 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-7039.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Oi3Y6I7JDcoQrQyH+jMXWw==": { "id": "Oi3Y6I7JDcoQrQyH+jMXWw==", "updater": "rhel-vex", "name": "CVE-2025-14087", "description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "issued": "2025-12-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14087 https://bugzilla.redhat.com/show_bug.cgi?id=2419093 https://www.cve.org/CVERecord?id=CVE-2025-14087 https://nvd.nist.gov/vuln/detail/CVE-2025-14087 https://gitlab.gnome.org/GNOME/glib/-/issues/3834 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14087.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "OpUahpCA4oBceG962KxTMA==": { "id": "OpUahpCA4oBceG962KxTMA==", "updater": "rhel-vex", "name": "CVE-2026-22796", "description": "A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service (DoS) by providing specially crafted PKCS#7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1_TYPE union member without proper type validation, leading to an invalid or NULL pointer dereference and a crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-22796 https://bugzilla.redhat.com/show_bug.cgi?id=2430390 https://www.cve.org/CVERecord?id=CVE-2026-22796 https://nvd.nist.gov/vuln/detail/CVE-2026-22796 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22796.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PcNbuWOo0ahqjfbOQhXvvQ==": { "id": "PcNbuWOo0ahqjfbOQhXvvQ==", "updater": "rhel-vex", "name": "CVE-2024-41996", "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "issued": "2024-08-26T06:15:04Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41996 https://bugzilla.redhat.com/show_bug.cgi?id=2307826 https://www.cve.org/CVERecord?id=CVE-2024-41996 https://nvd.nist.gov/vuln/detail/CVE-2024-41996 https://dheatattack.gitlab.io/details/ https://dheatattack.gitlab.io/faq/ https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1 https://github.com/openssl/openssl/issues/17374 https://openssl-library.org/post/2022-10-21-tls-groups-configuration/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41996.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PeyY3NcZskFbdv80IsU0GA==": { "id": "PeyY3NcZskFbdv80IsU0GA==", "updater": "rhel-vex", "name": "CVE-2023-1264", "description": "A NULL pointer dereference vulnerability was discovered in vim's utfc_ptr2len() function in the mbyte.c file. This issue is due to using a NULL pointer with the nested :open command. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering an issue that causes an application to crash, leading to a denial of service.", "issued": "2023-03-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1264 https://bugzilla.redhat.com/show_bug.cgi?id=2176413 https://www.cve.org/CVERecord?id=CVE-2023-1264 https://nvd.nist.gov/vuln/detail/CVE-2023-1264 https://huntr.dev/bounties/b2989095-88f3-413a-9a39-c1c58a6e6815 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1264.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "PzCq95UXnHxg/MGN+3UsFg==": { "id": "PzCq95UXnHxg/MGN+3UsFg==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q0R0snWmmMqzIGenxa3xgA==": { "id": "Q0R0snWmmMqzIGenxa3xgA==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Q97JvkIPdBB9Bs7AhtfZcw==": { "id": "Q97JvkIPdBB9Bs7AhtfZcw==", "updater": "rhel-vex", "name": "CVE-2026-0967", "description": "No description is available for this CVE.", "issued": "2026-02-10T18:47:09Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0967 https://bugzilla.redhat.com/show_bug.cgi?id=2436981 https://www.cve.org/CVERecord?id=CVE-2026-0967 https://nvd.nist.gov/vuln/detail/CVE-2026-0967 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0967.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QA/RR9QV3AWWQrJtEcrL9g==": { "id": "QA/RR9QV3AWWQrJtEcrL9g==", "updater": "rhel-vex", "name": "CVE-2022-3256", "description": "A heap use-after-free vulnerability was found in vim's movemark() function of the src/mark.c file. This issue occurs because vim uses freed memory when 'autocmd' changes the mark. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory.", "issued": "2022-09-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3256 https://bugzilla.redhat.com/show_bug.cgi?id=2132571 https://www.cve.org/CVERecord?id=CVE-2022-3256 https://nvd.nist.gov/vuln/detail/CVE-2022-3256 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3256.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QFNrGxfixF7srX8h0Bv09A==": { "id": "QFNrGxfixF7srX8h0Bv09A==", "updater": "rhel-vex", "name": "CVE-2021-3236", "description": "A NULL pointer dereference vulnerability was found in Vim in the ex_buffer_all function in the src/buffer.c file. This flaw allows an attacker who can trick a user into processing a specially crafted file to trigger the NULL pointer dereference, causing the application to crash.", "issued": "2021-01-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3236 https://bugzilla.redhat.com/show_bug.cgi?id=2231531 https://www.cve.org/CVERecord?id=CVE-2021-3236 https://nvd.nist.gov/vuln/detail/CVE-2021-3236 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3236.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QSNBg/XspHcBwSxBTMU4rg==": { "id": "QSNBg/XspHcBwSxBTMU4rg==", "updater": "rhel-vex", "name": "CVE-2025-50181", "description": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.", "issued": "2025-06-19T01:08:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50181 https://bugzilla.redhat.com/show_bug.cgi?id=2373799 https://www.cve.org/CVERecord?id=CVE-2025-50181 https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50181.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QUtTYJuHdkAOgtveagWUfA==": { "id": "QUtTYJuHdkAOgtveagWUfA==", "updater": "rhel-vex", "name": "CVE-2023-0466", "description": "A flaw was found in OpenSSL. The X509_VERIFY_PARAM_add0_policy() function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass the certificate verification. Suddenly enabling the policy check could break existing deployments, so it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. The applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.", "issued": "2023-03-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0466 https://bugzilla.redhat.com/show_bug.cgi?id=2182565 https://www.cve.org/CVERecord?id=CVE-2023-0466 https://nvd.nist.gov/vuln/detail/CVE-2023-0466 https://www.openssl.org/news/secadv/20230328.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0466.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QcOTYeOedG0AUhPSakMpIA==": { "id": "QcOTYeOedG0AUhPSakMpIA==", "updater": "rhel-vex", "name": "CVE-2024-4741", "description": "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", "issued": "2024-05-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-4741 https://bugzilla.redhat.com/show_bug.cgi?id=2283757 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-4741.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "QjeO2zYbebGNLlXq8Nnt1A==": { "id": "QjeO2zYbebGNLlXq8Nnt1A==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Qsq6pjHJA+B7ogwJGi6kYg==": { "id": "Qsq6pjHJA+B7ogwJGi6kYg==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHeiKN7ijeFN3v3rvcCNeg==": { "id": "RHeiKN7ijeFN3v3rvcCNeg==", "updater": "rhel-vex", "name": "CVE-2025-1151", "description": "A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior.", "issued": "2025-02-10T17:00:10Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1151 https://bugzilla.redhat.com/show_bug.cgi?id=2344713 https://www.cve.org/CVERecord?id=CVE-2025-1151 https://nvd.nist.gov/vuln/detail/CVE-2025-1151 https://sourceware.org/bugzilla/attachment.cgi?id=15887 https://sourceware.org/bugzilla/show_bug.cgi?id=32576 https://vuldb.com/?ctiid.295055 https://vuldb.com/?id.295055 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1151.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RHl01lzywe1fy6zlGFllvA==": { "id": "RHl01lzywe1fy6zlGFllvA==", "updater": "rhel-vex", "name": "CVE-2026-0966", "description": "No description is available for this CVE.", "issued": "2026-02-10T18:47:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0966 https://bugzilla.redhat.com/show_bug.cgi?id=2433121 https://www.cve.org/CVERecord?id=CVE-2026-0966 https://nvd.nist.gov/vuln/detail/CVE-2026-0966 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0966.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RRG09C5MDFvOwPKAQ4ueAQ==": { "id": "RRG09C5MDFvOwPKAQ4ueAQ==", "updater": "rhel-vex", "name": "CVE-2022-0235", "description": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "issued": "2022-01-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0235 https://bugzilla.redhat.com/show_bug.cgi?id=2044591 https://www.cve.org/CVERecord?id=CVE-2022-0235 https://nvd.nist.gov/vuln/detail/CVE-2022-0235 https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0235.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "subscription-manager-rhsm-certificates", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RTeFy2wjnmJGIbne+RTWzg==": { "id": "RTeFy2wjnmJGIbne+RTWzg==", "updater": "rhel-vex", "name": "CVE-2021-3974", "description": "A flaw was found in vim. A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability.", "issued": "2021-11-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3974 https://bugzilla.redhat.com/show_bug.cgi?id=2025061 https://www.cve.org/CVERecord?id=CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3974.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RVCidRUm4D1IKoPhoUi2AA==": { "id": "RVCidRUm4D1IKoPhoUi2AA==", "updater": "rhel-vex", "name": "CVE-2019-9674", "description": "A ZIP bomb attack was found in the Python zipfile module. A remote attacker could abuse this flaw by providing a specially crafted ZIP file that, when decompressed by zipfile, would exhaust system resources resulting in a denial of service.", "issued": "2019-03-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9674 https://bugzilla.redhat.com/show_bug.cgi?id=1800749 https://www.cve.org/CVERecord?id=CVE-2019-9674 https://nvd.nist.gov/vuln/detail/CVE-2019-9674 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9674.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RX1HGLUK7YuvgmHUK1EmJA==": { "id": "RX1HGLUK7YuvgmHUK1EmJA==", "updater": "rhel-vex", "name": "CVE-2025-66862", "description": "A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger a heap-based buffer over-read in the gnu_special function in the cplus-dem.c file, causing a crash and resulting in a denial of service.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66862 https://bugzilla.redhat.com/show_bug.cgi?id=2425825 https://www.cve.org/CVERecord?id=CVE-2025-66862 https://nvd.nist.gov/vuln/detail/CVE-2025-66862 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash3.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66862.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RX9KYQqzC2oXPBjwPgDRKw==": { "id": "RX9KYQqzC2oXPBjwPgDRKw==", "updater": "rhel-vex", "name": "CVE-2022-3153", "description": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.", "issued": "2022-09-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3153 https://bugzilla.redhat.com/show_bug.cgi?id=2126401 https://www.cve.org/CVERecord?id=CVE-2022-3153 https://nvd.nist.gov/vuln/detail/CVE-2022-3153 https://huntr.dev/bounties/68331124-620d-48bc-a8fa-cd947b26270a/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3153.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RYqFgDYIttLgJc8B82sK/w==": { "id": "RYqFgDYIttLgJc8B82sK/w==", "updater": "rhel-vex", "name": "CVE-2025-66382", "description": "A flaw was found in libexpat. This vulnerability allows a denial of service (DoS) by processing a crafted file with an approximate size of 2 MiB, leading to dozens of seconds of processing time.", "issued": "2025-11-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66382 https://bugzilla.redhat.com/show_bug.cgi?id=2417661 https://www.cve.org/CVERecord?id=CVE-2025-66382 https://nvd.nist.gov/vuln/detail/CVE-2025-66382 https://github.com/libexpat/libexpat/issues/1076 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66382.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RaV+zUwgwOTaTguKt0FeTA==": { "id": "RaV+zUwgwOTaTguKt0FeTA==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "RpD+LASWgToMtGHvWZS8Fw==": { "id": "RpD+LASWgToMtGHvWZS8Fw==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "S7qx7a03HASsJhyQafvXjg==": { "id": "S7qx7a03HASsJhyQafvXjg==", "updater": "rhel-vex", "name": "CVE-2018-19211", "description": "In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a \"dubious character `*' in name or alias field\" detection.", "issued": "2018-10-28T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-19211 https://bugzilla.redhat.com/show_bug.cgi?id=1652600 https://www.cve.org/CVERecord?id=CVE-2018-19211 https://nvd.nist.gov/vuln/detail/CVE-2018-19211 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-19211.json", "severity": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SCyWi9GWaGqLJ1zck/DqFg==": { "id": "SCyWi9GWaGqLJ1zck/DqFg==", "updater": "rhel-vex", "name": "CVE-2025-69648", "description": "A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF .debug_rnglists data with the readelf program can trigger an infinite loop and result in a denial of service.", "issued": "2026-03-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69648 https://bugzilla.redhat.com/show_bug.cgi?id=2445774 https://www.cve.org/CVERecord?id=CVE-2025-69648 https://nvd.nist.gov/vuln/detail/CVE-2025-69648 https://sourceware.org/bugzilla/show_bug.cgi?id=33641 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=598704a00cbac5e85c2bedd363357b5bf6fcee33 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69648.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SHxE0qXbBmDEp/LL1ieJeA==": { "id": "SHxE0qXbBmDEp/LL1ieJeA==", "updater": "rhel-vex", "name": "CVE-2020-19189", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19189 https://bugzilla.redhat.com/show_bug.cgi?id=2234926 https://www.cve.org/CVERecord?id=CVE-2020-19189 https://nvd.nist.gov/vuln/detail/CVE-2020-19189 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19189.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SRWVKBpKSVVu6JElqG0j6Q==": { "id": "SRWVKBpKSVVu6JElqG0j6Q==", "updater": "rhel-vex", "name": "CVE-2025-66864", "description": "A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger a NULL pointer dereference in the d_print_comp_inner function in the cp-demangle.c file, causing a crash and resulting in a denial of service.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66864 https://bugzilla.redhat.com/show_bug.cgi?id=2425827 https://www.cve.org/CVERecord?id=CVE-2025-66864 https://nvd.nist.gov/vuln/detail/CVE-2025-66864 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash5.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66864.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Sh5iugkp1bJb68yP8NCHYw==": { "id": "Sh5iugkp1bJb68yP8NCHYw==", "updater": "rhel-vex", "name": "CVE-2025-69649", "description": "A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed header fields with the readelf program can trigger a NULL pointer dereference, causing a crash and resulting in a denial of service.", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69649 https://bugzilla.redhat.com/show_bug.cgi?id=2445298 https://www.cve.org/CVERecord?id=CVE-2025-69649 https://nvd.nist.gov/vuln/detail/CVE-2025-69649 https://sourceware.org/bugzilla/show_bug.cgi?id=33697 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=66a3492ce68e1ae45b2489bd9a815c39ea5d7f66 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69649.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "SlXya5x7Y15uc1rOkyoBzw==": { "id": "SlXya5x7Y15uc1rOkyoBzw==", "updater": "rhel-vex", "name": "CVE-2023-2610", "description": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.", "issued": "2023-05-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2610 https://bugzilla.redhat.com/show_bug.cgi?id=2209048 https://www.cve.org/CVERecord?id=CVE-2023-2610 https://nvd.nist.gov/vuln/detail/CVE-2023-2610 https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2610.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "T26f6qNU6mdwz9bi2U/ZDw==": { "id": "T26f6qNU6mdwz9bi2U/ZDw==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "T8K0wLud5USYruAj/m0TEQ==": { "id": "T8K0wLud5USYruAj/m0TEQ==", "updater": "rhel-vex", "name": "CVE-2026-0968", "description": "No description is available for this CVE.", "issued": "2026-02-10T18:46:58Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0968 https://bugzilla.redhat.com/show_bug.cgi?id=2436982 https://www.cve.org/CVERecord?id=CVE-2026-0968 https://nvd.nist.gov/vuln/detail/CVE-2026-0968 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0968.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TBSsZAwwnPH/fFHOEaS+9A==": { "id": "TBSsZAwwnPH/fFHOEaS+9A==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TIUHqaUKKu0zuzq4PMzGjQ==": { "id": "TIUHqaUKKu0zuzq4PMzGjQ==", "updater": "rhel-vex", "name": "CVE-2025-29768", "description": "A flaw was found in Vim's zip.vim plugin. This vulnerability allows potential data loss via specially crafted zip files when a user views the archive in Vim and presses 'x' on an unusual filename.", "issued": "2025-03-13T17:04:56Z", "links": "https://access.redhat.com/security/cve/CVE-2025-29768 https://bugzilla.redhat.com/show_bug.cgi?id=2352418 https://www.cve.org/CVERecord?id=CVE-2025-29768 https://nvd.nist.gov/vuln/detail/CVE-2025-29768 https://github.com/vim/vim/commit/f209dcd3defb95bae21b2740910e6aa7bb940531 https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-29768.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TLOrmSYL76Du+GI4WD9gMQ==": { "id": "TLOrmSYL76Du+GI4WD9gMQ==", "updater": "rhel-vex", "name": "CVE-2024-34459", "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "issued": "2024-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-34459 https://bugzilla.redhat.com/show_bug.cgi?id=2280532 https://www.cve.org/CVERecord?id=CVE-2024-34459 https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-34459.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "TuBnhFrkwMqIcYtYYgNGNQ==": { "id": "TuBnhFrkwMqIcYtYYgNGNQ==", "updater": "rhel-vex", "name": "CVE-2026-3784", "description": "A flaw was found in curl. This vulnerability allows curl to wrongly reuse an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different authentication credentials for the HTTP proxy. This improper connection reuse could lead to an attacker gaining unauthorized access to resources or information intended for a different user.", "issued": "2026-03-11T10:09:21Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3784 https://bugzilla.redhat.com/show_bug.cgi?id=2446449 https://www.cve.org/CVERecord?id=CVE-2026-3784 https://nvd.nist.gov/vuln/detail/CVE-2026-3784 http://www.openwall.com/lists/oss-security/2026/03/11/3 https://curl.se/docs/CVE-2026-3784.html https://curl.se/docs/CVE-2026-3784.json https://hackerone.com/reports/3584903 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3784.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Tv6N0BCims5fmH43fbNOmg==": { "id": "Tv6N0BCims5fmH43fbNOmg==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "U1be97VjLR6yfSi22DmTAQ==": { "id": "U1be97VjLR6yfSi22DmTAQ==", "updater": "rhel-vex", "name": "CVE-2022-2845", "description": "Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.", "issued": "2022-08-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2845 https://bugzilla.redhat.com/show_bug.cgi?id=2119844 https://www.cve.org/CVERecord?id=CVE-2022-2845 https://nvd.nist.gov/vuln/detail/CVE-2022-2845 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2845.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UEG6aNWvy75Yh0kBuIwVEQ==": { "id": "UEG6aNWvy75Yh0kBuIwVEQ==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UHPuLzqXgEeZNwKL4JNwbA==": { "id": "UHPuLzqXgEeZNwKL4JNwbA==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UMD4nV1Ky5C5eKUMgtnKzw==": { "id": "UMD4nV1Ky5C5eKUMgtnKzw==", "updater": "rhel-vex", "name": "CVE-2021-20193", "description": "A flaw was found in the src/list.c of tar. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.", "issued": "2021-01-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-20193 https://bugzilla.redhat.com/show_bug.cgi?id=1917565 https://www.cve.org/CVERecord?id=CVE-2021-20193 https://nvd.nist.gov/vuln/detail/CVE-2021-20193 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-20193.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UOAlOehogrqcbNaDKr0doQ==": { "id": "UOAlOehogrqcbNaDKr0doQ==", "updater": "rhel-vex", "name": "CVE-2024-47814", "description": "A flaw was found in Vim. When closing a buffer visible in a window, a `BufWinLeave` auto command can trigger a use-after-free if this auto command happens to reopen the same buffer in a new split window. This issue can potentially cause Vim to crash, leading to a denial of service.", "issued": "2024-10-07T21:16:01Z", "links": "https://access.redhat.com/security/cve/CVE-2024-47814 https://bugzilla.redhat.com/show_bug.cgi?id=2317096 https://www.cve.org/CVERecord?id=CVE-2024-47814 https://nvd.nist.gov/vuln/detail/CVE-2024-47814 https://github.com/vim/vim/commit/51b62387be93c65fa56bbabe1c3 https://github.com/vim/vim/security/advisories/GHSA-rj48-v4mq-j4vg https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47814.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UOrqZdPsDAE7TMBGzRjRYw==": { "id": "UOrqZdPsDAE7TMBGzRjRYw==", "updater": "rhel-vex", "name": "CVE-2025-22134", "description": "A flaw was found in Vim. Due to Vim not properly terminating visual mode, a heap buffer overflow condition may be triggered when a user switches buffers using the `:all` command. This issue may lead to unexpected behavior, such as an application crash or memory corruption.", "issued": "2025-01-13T20:41:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-22134 https://bugzilla.redhat.com/show_bug.cgi?id=2337437 https://www.cve.org/CVERecord?id=CVE-2025-22134 https://nvd.nist.gov/vuln/detail/CVE-2025-22134 https://github.com/vim/vim/commit/c9a1e257f1630a0866447e53a564f7ff96a80ead https://github.com/vim/vim/security/advisories/GHSA-5rgf-26wj-48v8 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-22134.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UPzTyNn8ZLXlb+bwRFPPTA==": { "id": "UPzTyNn8ZLXlb+bwRFPPTA==", "updater": "rhel-vex", "name": "CVE-2023-2650", "description": "A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when processing messages, which may lead to a denial of service.", "issued": "2023-05-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/show_bug.cgi?id=2207947 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://www.openssl.org/news/secadv/20230530.txt https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2650.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UbmdE2pHXRFccv8l1e02Jw==": { "id": "UbmdE2pHXRFccv8l1e02Jw==", "updater": "rhel-vex", "name": "CVE-2023-4156", "description": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.", "issued": "2023-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4156 https://bugzilla.redhat.com/show_bug.cgi?id=2215930 https://www.cve.org/CVERecord?id=CVE-2023-4156 https://nvd.nist.gov/vuln/detail/CVE-2023-4156 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4156.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gawk", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UfDqdDXC4UjrcGdw3H8XUw==": { "id": "UfDqdDXC4UjrcGdw3H8XUw==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UgwdZtkosQeghW09BsfJjA==": { "id": "UgwdZtkosQeghW09BsfJjA==", "updater": "rhel-vex", "name": "CVE-2024-47081", "description": "A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.", "issued": "2025-06-09T17:57:47Z", "links": "https://access.redhat.com/security/cve/CVE-2024-47081 https://bugzilla.redhat.com/show_bug.cgi?id=2371272 https://www.cve.org/CVERecord?id=CVE-2024-47081 https://nvd.nist.gov/vuln/detail/CVE-2024-47081 http://seclists.org/fulldisclosure/2025/Jun/2 http://www.openwall.com/lists/oss-security/2025/06/03/11 http://www.openwall.com/lists/oss-security/2025/06/03/9 http://www.openwall.com/lists/oss-security/2025/06/04/1 http://www.openwall.com/lists/oss-security/2025/06/04/6 https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef https://github.com/psf/requests/pull/6965 https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7 https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env https://seclists.org/fulldisclosure/2025/Jun/2 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-47081.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Uixi3NpD7bsj8347JEnfwg==": { "id": "Uixi3NpD7bsj8347JEnfwg==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "UoEFDYM+Gqf2mdRJh5HUFw==": { "id": "UoEFDYM+Gqf2mdRJh5HUFw==", "updater": "rhel-vex", "name": "CVE-2025-45582", "description": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ (‘-k’), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.", "issued": "2025-07-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-45582 https://bugzilla.redhat.com/show_bug.cgi?id=2379592 https://www.cve.org/CVERecord?id=CVE-2025-45582 https://nvd.nist.gov/vuln/detail/CVE-2025-45582 https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md https://www.gnu.org/software/tar/ https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-45582.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "V/VaeR+VQP9ghCWJlyIJiw==": { "id": "V/VaeR+VQP9ghCWJlyIJiw==", "updater": "rhel-vex", "name": "CVE-2023-0512", "description": "A divide-by-zero flaw was found in Vim's adjust_skipcol() function in the move.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a floating point exception error and causing an application to crash, eventually leading to a denial of service.", "issued": "2023-01-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0512 https://bugzilla.redhat.com/show_bug.cgi?id=2165798 https://www.cve.org/CVERecord?id=CVE-2023-0512 https://nvd.nist.gov/vuln/detail/CVE-2023-0512 https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0512.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "V0dW0FHIKMPfoxwf/zxegA==": { "id": "V0dW0FHIKMPfoxwf/zxegA==", "updater": "rhel-vex", "name": "CVE-2023-48706", "description": "A heap use-after-free flaw was found in the vim package. When executing a `:s` command for the first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes memory to be freed, which may later then be accessed by the initial `:s` command. This issue may result in Vim crashing.", "issued": "2023-11-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48706 https://bugzilla.redhat.com/show_bug.cgi?id=2251118 https://www.cve.org/CVERecord?id=CVE-2023-48706 https://nvd.nist.gov/vuln/detail/CVE-2023-48706 http://www.openwall.com/lists/oss-security/2023/11/22/3 https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48706.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "V2CgExfOPEvJaof825pkpg==": { "id": "V2CgExfOPEvJaof825pkpg==", "updater": "rhel-vex", "name": "CVE-2023-48235", "description": "A flaw as found in Vim, an open source command line text editor. When parsing relative ex addresses, one may unintentionally cause an overflow. Ironically, this happens in the existing overflow check because the line number becomes negative and LONG_MAX - lnum will cause the overflow. The impact is low because user interaction is required and a crash may not happen in all situations.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48235 https://bugzilla.redhat.com/show_bug.cgi?id=2250272 https://www.cve.org/CVERecord?id=CVE-2023-48235 https://nvd.nist.gov/vuln/detail/CVE-2023-48235 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/060623e4a3bc72b011e7cd92bedb3bfb64e06200 https://github.com/vim/vim/security/advisories/GHSA-6g74-hr6q-pr8g https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48235.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "V6WiZIJiGpkWp76w/xMpMg==": { "id": "V6WiZIJiGpkWp76w/xMpMg==", "updater": "rhel-vex", "name": "CVE-2021-3927", "description": "A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "issued": "2021-10-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-3927 https://bugzilla.redhat.com/show_bug.cgi?id=2021290 https://www.cve.org/CVERecord?id=CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3927.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VLzwKVDYC7fQrtcpCzjXjA==": { "id": "VLzwKVDYC7fQrtcpCzjXjA==", "updater": "rhel-vex", "name": "CVE-2025-69418", "description": "A flaw was found in OpenSSL. When applications directly call the low-level CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are not covered by the authentication tag, allowing an attacker to read or tamper with them without detection.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69418 https://bugzilla.redhat.com/show_bug.cgi?id=2430381 https://www.cve.org/CVERecord?id=CVE-2025-69418 https://nvd.nist.gov/vuln/detail/CVE-2025-69418 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69418.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VW1GAyIwhh7S5uYWVWHndg==": { "id": "VW1GAyIwhh7S5uYWVWHndg==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VsocCwaFpF6PzdX5PxR+sQ==": { "id": "VsocCwaFpF6PzdX5PxR+sQ==", "updater": "rhel-vex", "name": "CVE-2020-19185", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash, causing denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19185 https://bugzilla.redhat.com/show_bug.cgi?id=2234924 https://www.cve.org/CVERecord?id=CVE-2020-19185 https://nvd.nist.gov/vuln/detail/CVE-2020-19185 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19185.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "VxFvUIFW/ggjbRiLIr95eA==": { "id": "VxFvUIFW/ggjbRiLIr95eA==", "updater": "rhel-vex", "name": "CVE-2022-3352", "description": "Use After Free in GitHub repository vim/vim prior to 9.0.0614.", "issued": "2022-09-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3352 https://bugzilla.redhat.com/show_bug.cgi?id=2131087 https://www.cve.org/CVERecord?id=CVE-2022-3352 https://nvd.nist.gov/vuln/detail/CVE-2022-3352 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3352.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/DMqBRMDYVkVH3D67luGg==": { "id": "W/DMqBRMDYVkVH3D67luGg==", "updater": "rhel-vex", "name": "CVE-2025-64118", "description": "A flaw was found in node-tar, a Tar utility for Node.js. This vulnerability allows a local attacker to potentially disclose sensitive information. When the .t (or .list) function is used with { sync: true } to read tar entry contents, and the tar file is concurrently modified on disk to a smaller size, the function may return uninitialized memory contents. This could lead to the exposure of arbitrary data.", "issued": "2025-10-30T17:50:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-64118 https://bugzilla.redhat.com/show_bug.cgi?id=2407440 https://www.cve.org/CVERecord?id=CVE-2025-64118 https://nvd.nist.gov/vuln/detail/CVE-2025-64118 https://github.com/isaacs/node-tar/commit/5330eb04bc43014f216e5c271b40d5c00d45224d https://github.com/isaacs/node-tar/issues/445 https://github.com/isaacs/node-tar/pull/446 https://github.com/isaacs/node-tar/security/advisories/GHSA-29xp-372q-xqph https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-64118.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/d4trZ7jb2yxjrq4cNOWA==": { "id": "W/d4trZ7jb2yxjrq4cNOWA==", "updater": "rhel-vex", "name": "CVE-2022-3219", "description": "A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service.", "issued": "2022-09-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://www.cve.org/CVERecord?id=CVE-2022-3219 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://dev.gnupg.org/D556 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3219.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "W/luN+8ATXgpDXBwGSF/pg==": { "id": "W/luN+8ATXgpDXBwGSF/pg==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WcChSpNAL6V9Xfxc9AqW7g==": { "id": "WcChSpNAL6V9Xfxc9AqW7g==", "updater": "rhel-vex", "name": "CVE-2025-15469", "description": "A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15469 https://bugzilla.redhat.com/show_bug.cgi?id=2430378 https://www.cve.org/CVERecord?id=CVE-2025-15469 https://nvd.nist.gov/vuln/detail/CVE-2025-15469 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15469.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "WrpEmXG3UQVXDtuJyW9Xqw==": { "id": "WrpEmXG3UQVXDtuJyW9Xqw==", "updater": "rhel-vex", "name": "CVE-2023-48231", "description": "A heap use-after-free flaw was found in the vim package. When executing a `:s` command for the first time and using a sub-replace-special atom inside the substitution, it is possible that the recursive `:s` call causes memory to be freed, which may later then be accessed by the initial `:s` command. This issue may result in Vim crashing.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48231 https://bugzilla.redhat.com/show_bug.cgi?id=2250268 https://www.cve.org/CVERecord?id=CVE-2023-48231 https://nvd.nist.gov/vuln/detail/CVE-2023-48231 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48231.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X76rv8qz0AOeJGI5l/lqrQ==": { "id": "X76rv8qz0AOeJGI5l/lqrQ==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "X7m1cNxZLfIu0QhEhZjOnw==": { "id": "X7m1cNxZLfIu0QhEhZjOnw==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XBPbp8y7tQfOXxugP7H2xg==": { "id": "XBPbp8y7tQfOXxugP7H2xg==", "updater": "rhel-vex", "name": "CVE-2022-2343", "description": "A heap-based buffer overflow was found in Vim in the ins_compl_add function in the insexpand.c file. This issue occurs due to a read past the end of a buffer when a specially crafted input is processed. This flaw allows an attacker who can trick a user into opening a specially crafted file into triggering the heap-based buffer overflow, causing the application to crash, possibly executing code and corrupting memory.", "issued": "2022-07-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2343 https://bugzilla.redhat.com/show_bug.cgi?id=2106779 https://www.cve.org/CVERecord?id=CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2343.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XBiy/XVR6SoThCkYUmkD1g==": { "id": "XBiy/XVR6SoThCkYUmkD1g==", "updater": "rhel-vex", "name": "CVE-2026-33056", "description": "A flaw was found in tar-rs, a Rust library for reading and writing tar archives. When unpacking a crafted tar archive, an attacker can exploit a symbolic link vulnerability. By including a symlink followed by a directory with the same name, the library incorrectly applies file permissions to the symlink's target. This allows an attacker to modify the permissions of arbitrary directories outside the intended extraction location.", "issued": "2026-03-20T07:11:10Z", "links": "https://access.redhat.com/security/cve/CVE-2026-33056 https://bugzilla.redhat.com/show_bug.cgi?id=2449490 https://www.cve.org/CVERecord?id=CVE-2026-33056 https://nvd.nist.gov/vuln/detail/CVE-2026-33056 https://github.com/alexcrichton/tar-rs/commit/17b1fd84e632071cb8eef9d3709bf347bd266446 https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-j4xf-2g29-59ph https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33056.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "tar", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XP670IqcB/aFplD9WLyt7w==": { "id": "XP670IqcB/aFplD9WLyt7w==", "updater": "rhel-vex", "name": "CVE-2025-69652", "description": "A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF abbrev or debug information with the readelf program using the -w abbrev command line option can trigger an abort, causing a crash and resulting in a denial of service.", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69652 https://bugzilla.redhat.com/show_bug.cgi?id=2445296 https://www.cve.org/CVERecord?id=CVE-2025-69652 https://nvd.nist.gov/vuln/detail/CVE-2025-69652 https://sourceware.org/bugzilla/show_bug.cgi?id=33701 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=44b79abd0fa12e7947252eb4c6e5d16ed6033e01 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69652.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XPOG4An8TvwJ6LYP+35lBg==": { "id": "XPOG4An8TvwJ6LYP+35lBg==", "updater": "rhel-vex", "name": "CVE-2023-1170", "description": "A heap-based buffer overflow vulnerability was found in Vim's utf_ptr2char() function of the src/mbyte.c file. This flaw occurs because there is access to invalid memory with put in visual block mode. An attacker can trick a user into opening a specially crafted file, triggering an out-of-bounds read that causes an application to crash, leading to a denial of service.", "issued": "2023-03-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1170 https://bugzilla.redhat.com/show_bug.cgi?id=2176462 https://www.cve.org/CVERecord?id=CVE-2023-1170 https://nvd.nist.gov/vuln/detail/CVE-2023-1170 https://huntr.dev/bounties/286e0090-e654-46d2-ac60-29f81799d0a4 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1170.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XSE0A5He8iDNjDGX19fZ+Q==": { "id": "XSE0A5He8iDNjDGX19fZ+Q==", "updater": "rhel-vex", "name": "CVE-2023-2609", "description": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.", "issued": "2023-05-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-2609 https://bugzilla.redhat.com/show_bug.cgi?id=2209050 https://www.cve.org/CVERecord?id=CVE-2023-2609 https://nvd.nist.gov/vuln/detail/CVE-2023-2609 https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-2609.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XbpXfbeApuDuIKvY0/qWiA==": { "id": "XbpXfbeApuDuIKvY0/qWiA==", "updater": "rhel-vex", "name": "CVE-2026-3731", "description": "A flaw was found in libssh. A remote attacker could trigger an out-of-bounds read vulnerability in the SFTP Extension Name Handler by manipulating the `idx` argument in the `sftp_extensions_get_name` or `sftp_extensions_get_data` functions. This could lead to a Denial of Service (DoS), making the affected system unresponsive.", "issued": "2026-03-08T10:32:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3731 https://bugzilla.redhat.com/show_bug.cgi?id=2445579 https://www.cve.org/CVERecord?id=CVE-2026-3731 https://nvd.nist.gov/vuln/detail/CVE-2026-3731 https://gitlab.com/libssh/libssh-mirror/-/commit/855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60 https://vuldb.com/?ctiid.349709 https://vuldb.com/?id.349709 https://vuldb.com/?submit.767120 https://www.libssh.org/files/0.12/libssh-0.12.0.tar.xz https://www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3731.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Xef33helMNY0m81xUaoICA==": { "id": "Xef33helMNY0m81xUaoICA==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "XygysGe2kdlyCRQHM1fu3w==": { "id": "XygysGe2kdlyCRQHM1fu3w==", "updater": "rhel-vex", "name": "CVE-2025-5917", "description": "A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.", "issued": "2025-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5917 https://bugzilla.redhat.com/show_bug.cgi?id=2370874 https://www.cve.org/CVERecord?id=CVE-2025-5917 https://nvd.nist.gov/vuln/detail/CVE-2025-5917 https://github.com/libarchive/libarchive/pull/2588 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5917.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YMiTPWo8SG0+9AgJSFVFYQ==": { "id": "YMiTPWo8SG0+9AgJSFVFYQ==", "updater": "rhel-vex", "name": "CVE-2024-22667", "description": "A stack-based buffer overflow flaw was found in Vim. The did_set_langmap function in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. That buffer can be overflown, possibly leading to memory corruption and escalation of privileges.", "issued": "2024-02-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-22667 https://bugzilla.redhat.com/show_bug.cgi?id=2262999 https://www.cve.org/CVERecord?id=CVE-2024-22667 https://nvd.nist.gov/vuln/detail/CVE-2024-22667 https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-22667.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YQrL91DJL9zY732ctog9Ng==": { "id": "YQrL91DJL9zY732ctog9Ng==", "updater": "rhel-vex", "name": "CVE-2023-48237", "description": "A flaw was found in Vim, an open source command line text editor. In affected versions, when shifting lines in operator pending mode and using a large value, it may be possible to overflow the size of the integer. The impact is low because user interaction is required and a crash may not happen in all situations.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48237 https://bugzilla.redhat.com/show_bug.cgi?id=2250274 https://www.cve.org/CVERecord?id=CVE-2023-48237 https://nvd.nist.gov/vuln/detail/CVE-2023-48237 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e https://github.com/vim/vim/security/advisories/GHSA-f2m2-v387-gv87 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48237.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "YiJlkUTKf0/7+ORZMmQ2cw==": { "id": "YiJlkUTKf0/7+ORZMmQ2cw==", "updater": "rhel-vex", "name": "CVE-2025-25724", "description": "A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.", "issued": "2025-03-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-25724 https://bugzilla.redhat.com/show_bug.cgi?id=2349221 https://www.cve.org/CVERecord?id=CVE-2025-25724 https://nvd.nist.gov/vuln/detail/CVE-2025-25724 https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92 https://github.com/Ekkosun/pocs/blob/main/bsdtarbug https://github.com/libarchive/libarchive/blob/b439d586f53911c84be5e380445a8a259e19114c/tar/util.c#L751-L752 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-25724.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Z8ui/8R+NfFb7zLfc+Vxgw==": { "id": "Z8ui/8R+NfFb7zLfc+Vxgw==", "updater": "rhel-vex", "name": "CVE-2018-20786", "description": "libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c.", "issued": "2018-12-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20786 https://bugzilla.redhat.com/show_bug.cgi?id=1680588 https://www.cve.org/CVERecord?id=CVE-2018-20786 https://nvd.nist.gov/vuln/detail/CVE-2018-20786 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20786.json", "severity": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZTGiJlkqcqrCLJSY/Sq8lA==": { "id": "ZTGiJlkqcqrCLJSY/Sq8lA==", "updater": "rhel-vex", "name": "CVE-2020-19186", "description": "A flaw has been identified in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a buffer over-read, resulting in an application crash.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19186 https://bugzilla.redhat.com/show_bug.cgi?id=2234908 https://www.cve.org/CVERecord?id=CVE-2020-19186 https://nvd.nist.gov/vuln/detail/CVE-2020-19186 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19186.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZkEez7f24VNVhTaTCDhuEg==": { "id": "ZkEez7f24VNVhTaTCDhuEg==", "updater": "rhel-vex", "name": "CVE-2025-15468", "description": "A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC (Quick UDP Internet Connections) protocol. This vulnerability, occurring when the SSL_CIPHER_find() function is called in this specific context, leads to an abnormal termination of the running process, causing a Denial of Service (DoS).", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15468 https://bugzilla.redhat.com/show_bug.cgi?id=2430377 https://www.cve.org/CVERecord?id=CVE-2025-15468 https://nvd.nist.gov/vuln/detail/CVE-2025-15468 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15468.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZlxfTVb/4bi6yWQ+JLaOnw==": { "id": "ZlxfTVb/4bi6yWQ+JLaOnw==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Znm2hdK/FULQhTTGTVX59Q==": { "id": "Znm2hdK/FULQhTTGTVX59Q==", "updater": "rhel-vex", "name": "CVE-2026-3783", "description": "A flaw was found in curl. When an OAuth2 bearer token is used for an HTTP(S) transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the `.netrc` file, allowing the bearer token intended for the first host to be sent to the redirected host. This information disclosure could allow an attacker to gain unauthorized access.", "issued": "2026-03-11T10:09:08Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3783 https://bugzilla.redhat.com/show_bug.cgi?id=2446450 https://www.cve.org/CVERecord?id=CVE-2026-3783 https://nvd.nist.gov/vuln/detail/CVE-2026-3783 http://www.openwall.com/lists/oss-security/2026/03/11/2 https://curl.se/docs/CVE-2026-3783.html https://curl.se/docs/CVE-2026-3783.json https://hackerone.com/reports/3583983 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3783.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Zp9+pixFuNBueE2yO610gQ==": { "id": "Zp9+pixFuNBueE2yO610gQ==", "updater": "rhel-vex", "name": "CVE-2024-56433", "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "issued": "2024-12-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-56433 https://bugzilla.redhat.com/show_bug.cgi?id=2334165 https://www.cve.org/CVERecord?id=CVE-2024-56433 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-56433.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "shadow-utils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ZvX4VR3jvMBd1Wq+RxNTgg==": { "id": "ZvX4VR3jvMBd1Wq+RxNTgg==", "updater": "rhel-vex", "name": "CVE-2020-35512", "description": "A use-after-free flaw was found in D-Bus when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors.", "issued": "2020-06-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-35512 https://bugzilla.redhat.com/show_bug.cgi?id=1909101 https://www.cve.org/CVERecord?id=CVE-2020-35512 https://nvd.nist.gov/vuln/detail/CVE-2020-35512 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-35512.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "dbus", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "Zx0z+bRcZxzR1A+jusBsAA==": { "id": "Zx0z+bRcZxzR1A+jusBsAA==", "updater": "rhel-vex", "name": "CVE-2025-12084", "description": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`", "issued": "2025-12-03T18:55:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12084 https://bugzilla.redhat.com/show_bug.cgi?id=2418655 https://www.cve.org/CVERecord?id=CVE-2025-12084 https://nvd.nist.gov/vuln/detail/CVE-2025-12084 https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12084.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a067YUjLHWzR99JNl/RtGQ==": { "id": "a067YUjLHWzR99JNl/RtGQ==", "updater": "rhel-vex", "name": "CVE-2025-4598", "description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "issued": "2025-05-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4598 https://bugzilla.redhat.com/show_bug.cgi?id=2369242 https://www.cve.org/CVERecord?id=CVE-2025-4598 https://nvd.nist.gov/vuln/detail/CVE-2025-4598 https://www.openwall.com/lists/oss-security/2025/05/29/3 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4598.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "a07qb78c11TyWWWHsH4psQ==": { "id": "a07qb78c11TyWWWHsH4psQ==", "updater": "rhel-vex", "name": "CVE-2022-2208", "description": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2208 https://bugzilla.redhat.com/show_bug.cgi?id=2102183 https://www.cve.org/CVERecord?id=CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2208.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "akH2im5I6UO0h5CQuDQHFA==": { "id": "akH2im5I6UO0h5CQuDQHFA==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "arAeA+ef8B8ruucb/xLoSw==": { "id": "arAeA+ef8B8ruucb/xLoSw==", "updater": "rhel-vex", "name": "CVE-2023-5344", "description": "A heap-based buffer overflow vulnerability was found in Vim's trunc_string() function of the src/message.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that causes an application to crash, leading to a denial of service.", "issued": "2023-10-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5344 https://bugzilla.redhat.com/show_bug.cgi?id=2242141 https://www.cve.org/CVERecord?id=CVE-2023-5344 https://nvd.nist.gov/vuln/detail/CVE-2023-5344 https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5344.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "b5Q5nzPs6XcIUCSUIh/M/Q==": { "id": "b5Q5nzPs6XcIUCSUIh/M/Q==", "updater": "rhel-vex", "name": "CVE-2023-4734", "description": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.", "issued": "2023-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4734 https://bugzilla.redhat.com/show_bug.cgi?id=2237161 https://www.cve.org/CVERecord?id=CVE-2023-4734 https://nvd.nist.gov/vuln/detail/CVE-2023-4734 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4734.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bF9V8Q+jW+PBeQBCR7S6iA==": { "id": "bF9V8Q+jW+PBeQBCR7S6iA==", "updater": "rhel-vex", "name": "CVE-2022-2207", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2207 https://bugzilla.redhat.com/show_bug.cgi?id=2102185 https://www.cve.org/CVERecord?id=CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2207.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "bHe+8ia3YyV1Th/BtOcchg==": { "id": "bHe+8ia3YyV1Th/BtOcchg==", "updater": "rhel-vex", "name": "CVE-2024-7592", "description": "A flaw was found in the `http.cookies` module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption.", "issued": "2024-08-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7592 https://bugzilla.redhat.com/show_bug.cgi?id=2305879 https://www.cve.org/CVERecord?id=CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592 https://github.com/python/cpython/issues/123067 https://github.com/python/cpython/pull/123075 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7592.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "c3QkP/yJeF7ab7E44UCX+g==": { "id": "c3QkP/yJeF7ab7E44UCX+g==", "updater": "rhel-vex", "name": "CVE-2022-2175", "description": "A heap buffer over-read vulnerability was found in Vim's put_on_cmdline() function of the src/ex_getln.c file. This issue occurs due to invalid memory access when using an expression on the command line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflow that causes an application to crash and corrupt memory.", "issued": "2022-06-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2175 https://bugzilla.redhat.com/show_bug.cgi?id=2101293 https://www.cve.org/CVERecord?id=CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2175.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cCowLuOsLfTMmPFOoqUVww==": { "id": "cCowLuOsLfTMmPFOoqUVww==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ceTKXu0VXNJravgPXNfQWg==": { "id": "ceTKXu0VXNJravgPXNfQWg==", "updater": "rhel-vex", "name": "CVE-2022-4293", "description": "A floating point exception flaw was found in Vim's num_divide() function of the eval.c file. This issue occurs when dividing the largest negative number by -1. This could allow an attacker to trick a user into opening a specially crafted file, triggering an application to crash and leading to a denial of service.", "issued": "2022-12-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-4293 https://bugzilla.redhat.com/show_bug.cgi?id=2151566 https://www.cve.org/CVERecord?id=CVE-2022-4293 https://nvd.nist.gov/vuln/detail/CVE-2022-4293 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-4293.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "cqYWiTibDLM7aibErMKang==": { "id": "cqYWiTibDLM7aibErMKang==", "updater": "rhel-vex", "name": "CVE-2026-4437", "description": "A flaw was found in glibc (the GNU C Library). When an application uses the `gethostbyaddr` or `gethostbyaddr_r` functions with a `nsswitch.conf` configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS (Domain Name System) response. This crafted response can cause the application to incorrectly interpret a non-answer section of the DNS response as a valid answer, leading to potential misbehavior or incorrect information processing.", "issued": "2026-03-20T19:59:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4437 https://bugzilla.redhat.com/show_bug.cgi?id=2449777 https://www.cve.org/CVERecord?id=CVE-2026-4437 https://nvd.nist.gov/vuln/detail/CVE-2026-4437 https://sourceware.org/bugzilla/show_bug.cgi?id=34014 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4437.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glibc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "dG2ixdfwYydJuQ4jnTFFmQ==": { "id": "dG2ixdfwYydJuQ4jnTFFmQ==", "updater": "rhel-vex", "name": "CVE-2023-4781", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.", "issued": "2023-09-05T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4781 https://bugzilla.redhat.com/show_bug.cgi?id=2237575 https://www.cve.org/CVERecord?id=CVE-2023-4781 https://nvd.nist.gov/vuln/detail/CVE-2023-4781 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4781.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "e6RLffn4P5I017uugB6Njg==": { "id": "e6RLffn4P5I017uugB6Njg==", "updater": "rhel-vex", "name": "CVE-2022-2286", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.", "issued": "2022-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2286 https://bugzilla.redhat.com/show_bug.cgi?id=2103875 https://www.cve.org/CVERecord?id=CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2286.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "edEnut7DPh4a05O2pRFGjQ==": { "id": "edEnut7DPh4a05O2pRFGjQ==", "updater": "rhel-vex", "name": "CVE-2024-57360", "description": "A flaw was found in the nm utility of binutils. A local user who specifies the `--without-symbol-versions` option on a specially crafted ELF file can trigger a segmentation fault condition. This may lead to an application crash or other undefined behavior.", "issued": "2025-01-21T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-57360 https://bugzilla.redhat.com/show_bug.cgi?id=2339263 https://www.cve.org/CVERecord?id=CVE-2024-57360 https://nvd.nist.gov/vuln/detail/CVE-2024-57360 https://sourceware.org/bugzilla/show_bug.cgi?id=32467 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-57360.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "egxL7gQ8gjdaORJVFgFReg==": { "id": "egxL7gQ8gjdaORJVFgFReg==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ehSWTDUoG+BH+LHLsiC70g==": { "id": "ehSWTDUoG+BH+LHLsiC70g==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "elSFHo+R9v0XUiVY7GGVmw==": { "id": "elSFHo+R9v0XUiVY7GGVmw==", "updater": "rhel-vex", "name": "CVE-2025-24014", "description": "A flaw was found in Vim. In silent Ex mode (-s -e), Vim typically doesn't show a screen and operates silently in batch mode, however, it is possible to trigger the function that handles the scrolling of a GUI version of Vim via binary characters. The function that handles the scrolling may trigger a redraw, which will access the ScreenLines pointer and can cause a segmentation fault condition. This may lead to an application crash or other undefined behavior.", "issued": "2025-01-20T22:53:14Z", "links": "https://access.redhat.com/security/cve/CVE-2025-24014 https://bugzilla.redhat.com/show_bug.cgi?id=2339074 https://www.cve.org/CVERecord?id=CVE-2025-24014 https://nvd.nist.gov/vuln/detail/CVE-2025-24014 https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919 https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-24014.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eohUFw28jV3sGLZE2CBPXA==": { "id": "eohUFw28jV3sGLZE2CBPXA==", "updater": "rhel-vex", "name": "CVE-2025-4878", "description": "A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4878 https://bugzilla.redhat.com/show_bug.cgi?id=2376184 https://www.cve.org/CVERecord?id=CVE-2025-4878 https://nvd.nist.gov/vuln/detail/CVE-2025-4878 https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1 https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4878.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "eqoqeJN8gMUINJLH2PXP7g==": { "id": "eqoqeJN8gMUINJLH2PXP7g==", "updater": "rhel-vex", "name": "CVE-2018-1000654", "description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", "issued": "2018-08-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-1000654 https://bugzilla.redhat.com/show_bug.cgi?id=1621972 https://www.cve.org/CVERecord?id=CVE-2018-1000654 https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-1000654.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libtasn1", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ewwoJlh1bCncbMqa2UMArQ==": { "id": "ewwoJlh1bCncbMqa2UMArQ==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ezoawVDPz3HO9IXGPtjgpA==": { "id": "ezoawVDPz3HO9IXGPtjgpA==", "updater": "rhel-vex", "name": "CVE-2023-0054", "description": "An out-of-bounds write flaw was found in Vim, in the do_string_sub function in the eval.c file. The issue occurs because of an invalid memory access due to a missing check of the return value of the vim_regsub function when a specially crafted input is processed. This flaw allows an attacker who can trick a user into opening a specially crafted file to trigger the out-of-bounds write, causing the application to crash.", "issued": "2023-01-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0054 https://bugzilla.redhat.com/show_bug.cgi?id=2161349 https://www.cve.org/CVERecord?id=CVE-2023-0054 https://nvd.nist.gov/vuln/detail/CVE-2023-0054 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0054.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fAdvMXEMEzhZECRlwcsBQw==": { "id": "fAdvMXEMEzhZECRlwcsBQw==", "updater": "rhel-vex", "name": "CVE-2026-28420", "description": "A flaw was found in Vim. A remote attacker could exploit a heap-based buffer overflow and an out-of-bounds read vulnerability in Vim's terminal emulator. This occurs when processing specially crafted Unicode supplementary plane characters, potentially leading to information disclosure and denial of service.", "issued": "2026-02-27T22:04:36Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28420 https://bugzilla.redhat.com/show_bug.cgi?id=2443484 https://www.cve.org/CVERecord?id=CVE-2026-28420 https://nvd.nist.gov/vuln/detail/CVE-2026-28420 https://github.com/vim/vim/commit/bb6de2105b160e729c34063 https://github.com/vim/vim/releases/tag/v9.2.0076 https://github.com/vim/vim/security/advisories/GHSA-rvj2-jrf9-2phg https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28420.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fDX8Rmzn/DJugoRo6x4meQ==": { "id": "fDX8Rmzn/DJugoRo6x4meQ==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fXpWtuXNPi3tb2edhk37bw==": { "id": "fXpWtuXNPi3tb2edhk37bw==", "updater": "rhel-vex", "name": "CVE-2024-2236", "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "issued": "2024-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://www.cve.org/CVERecord?id=CVE-2024-2236 https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2236.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fayrPya6DVXP9weWvA6obQ==": { "id": "fayrPya6DVXP9weWvA6obQ==", "updater": "rhel-vex", "name": "CVE-2024-7264", "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "issued": "2024-07-31T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-7264 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://www.cve.org/CVERecord?id=CVE-2024-7264 https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-7264.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ffh1gI30nIybKK6dKOCoRQ==": { "id": "ffh1gI30nIybKK6dKOCoRQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fif9qI07GkSMgPXlinbuQA==": { "id": "fif9qI07GkSMgPXlinbuQA==", "updater": "rhel-vex", "name": "CVE-2023-0049", "description": "A flaw was found in vim, which is vulnerable to an out-of-bounds read in the build_stl_str_hl function. This flaw allows a specially crafted file to cause information disclosure, data integrity corruption, or crash the software.", "issued": "2023-01-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-0049 https://bugzilla.redhat.com/show_bug.cgi?id=2158269 https://www.cve.org/CVERecord?id=CVE-2023-0049 https://nvd.nist.gov/vuln/detail/CVE-2023-0049 https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9/ https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-0049.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fo9ZV8ogW4pH1m9Ok9+sfA==": { "id": "fo9ZV8ogW4pH1m9Ok9+sfA==", "updater": "rhel-vex", "name": "CVE-2023-1175", "description": "A flaw was found in Vim. There is an incorrect calculation of buffer size issue found in Vim's yank_copy_line() function of the register.c file. This flaw allows illegal memory access when using virtual editing as \"startspaces\" goes negative. An attacker can trick a user into opening a specially crafted file, triggering an issue that causes an application to crash leading to a denial of service, corrupting memory, and possibly executing code.", "issued": "2023-03-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-1175 https://bugzilla.redhat.com/show_bug.cgi?id=2176457 https://www.cve.org/CVERecord?id=CVE-2023-1175 https://nvd.nist.gov/vuln/detail/CVE-2023-1175 https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-1175.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "fvGjL9hw9hDQockMTb7lrA==": { "id": "fvGjL9hw9hDQockMTb7lrA==", "updater": "rhel-vex", "name": "CVE-2021-4209", "description": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", "issued": "2021-12-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4209 https://bugzilla.redhat.com/show_bug.cgi?id=2044156 https://www.cve.org/CVERecord?id=CVE-2021-4209 https://nvd.nist.gov/vuln/detail/CVE-2021-4209 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4209.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gnutls", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "g2An50OQKC789kuHGVj0QQ==": { "id": "g2An50OQKC789kuHGVj0QQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "g2DaM6gaWaxAPXuqyAlaNQ==": { "id": "g2DaM6gaWaxAPXuqyAlaNQ==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gOoanwheVEMPIj3ay9q0Rw==": { "id": "gOoanwheVEMPIj3ay9q0Rw==", "updater": "rhel-vex", "name": "CVE-2025-11494", "description": "An out of bounds read flaw has been discovered in the GNU Binutils package. The impacted function is _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally.", "issued": "2025-10-08T19:32:07Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11494 https://bugzilla.redhat.com/show_bug.cgi?id=2402559 https://www.cve.org/CVERecord?id=CVE-2025-11494 https://nvd.nist.gov/vuln/detail/CVE-2025-11494 https://sourceware.org/bugzilla/attachment.cgi?id=16389 https://sourceware.org/bugzilla/show_bug.cgi?id=33499 https://sourceware.org/bugzilla/show_bug.cgi?id=33499#c2 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a https://vuldb.com/?ctiid.327619 https://vuldb.com/?id.327619 https://vuldb.com/?submit.668281 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11494.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gaFOKxy9D9KR/Iyd+kDZoA==": { "id": "gaFOKxy9D9KR/Iyd+kDZoA==", "updater": "rhel-vex", "name": "CVE-2025-50182", "description": "A flaw was found in urllib3. The library fails to properly validate redirect URLs, allowing an attacker to manipulate redirect chains when used in environments like Pyodide utilizing the JavaScript Fetch API. This lack of validation can enable a remote attacker to control the redirect destination, leading to arbitrary URL redirection. Consequently, an attacker can redirect users to malicious websites. This \nvulnerability stems from a failure to constrain the redirect target.", "issued": "2025-06-19T01:42:44Z", "links": "https://access.redhat.com/security/cve/CVE-2025-50182 https://bugzilla.redhat.com/show_bug.cgi?id=2373800 https://www.cve.org/CVERecord?id=CVE-2025-50182 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-50182.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pip", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gagftKXuSuh9pi4dRu9yPQ==": { "id": "gagftKXuSuh9pi4dRu9yPQ==", "updater": "rhel-vex", "name": "CVE-2024-2511", "description": "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv1.3 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", "issued": "2024-04-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-2511 https://bugzilla.redhat.com/show_bug.cgi?id=2274020 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://www.openssl.org/news/vulnerabilities.html https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-2511.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gmqGkQm3k8TsG16sKIYfSA==": { "id": "gmqGkQm3k8TsG16sKIYfSA==", "updater": "rhel-vex", "name": "CVE-2026-0989", "description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0989 https://bugzilla.redhat.com/show_bug.cgi?id=2429933 https://www.cve.org/CVERecord?id=CVE-2026-0989 https://nvd.nist.gov/vuln/detail/CVE-2026-0989 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0989.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gvJyRhPprr0T5NUOZbL8vw==": { "id": "gvJyRhPprr0T5NUOZbL8vw==", "updater": "rhel-vex", "name": "CVE-2026-0865", "description": "Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers.", "issued": "2026-01-20T21:26:15Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0865 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://www.cve.org/CVERecord?id=CVE-2026-0865 https://nvd.nist.gov/vuln/detail/CVE-2026-0865 https://github.com/python/cpython/issues/143916 https://github.com/python/cpython/pull/143917 https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0865.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "gweJFzg3Re8BHu4K4SVk7Q==": { "id": "gweJFzg3Re8BHu4K4SVk7Q==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "h+JQERWc6sTv0UlbUL2zUw==": { "id": "h+JQERWc6sTv0UlbUL2zUw==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "h6rS2s3xilGaG0a+pIjl8A==": { "id": "h6rS2s3xilGaG0a+pIjl8A==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hKXUjhCdirXJFb4AYrM/cA==": { "id": "hKXUjhCdirXJFb4AYrM/cA==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hZdERz1EWLQGkk6fSyBCpA==": { "id": "hZdERz1EWLQGkk6fSyBCpA==", "updater": "rhel-vex", "name": "CVE-2026-28421", "description": "A flaw was found in Vim. This vulnerability, a heap-buffer-overflow and a segmentation fault, exists in the swap file recovery logic. A local attacker could exploit this by providing a specially crafted swap file. This could lead to a denial of service (DoS) or potentially information disclosure.", "issued": "2026-02-27T22:06:34Z", "links": "https://access.redhat.com/security/cve/CVE-2026-28421 https://bugzilla.redhat.com/show_bug.cgi?id=2443474 https://www.cve.org/CVERecord?id=CVE-2026-28421 https://nvd.nist.gov/vuln/detail/CVE-2026-28421 https://github.com/vim/vim/commit/65c1a143c331c886dc28 https://github.com/vim/vim/releases/tag/v9.2.0077 https://github.com/vim/vim/security/advisories/GHSA-r2gw-2x48-jj5p https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28421.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "hwqsvhHibzRJMdcO0Y7E0g==": { "id": "hwqsvhHibzRJMdcO0Y7E0g==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "i+eVvPBLSkybYsX5Z1vMLg==": { "id": "i+eVvPBLSkybYsX5Z1vMLg==", "updater": "rhel-vex", "name": "CVE-2025-12781", "description": "A flaw was found in the base64 module in the Python standard library. The b64decode, standard_b64decode and urlsafe_b64decode functions will always accept the '+' and '/' characters even when an alternative base64 alphabet is specified via the altchars parameter that excludes them. This input validation bypass allows malformed or unexpected data to pass through decoding filters, potentially causing logical errors or data integrity issues in applications relying on strict character sets.", "issued": "2026-01-21T19:34:47Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12781 https://bugzilla.redhat.com/show_bug.cgi?id=2431736 https://www.cve.org/CVERecord?id=CVE-2025-12781 https://nvd.nist.gov/vuln/detail/CVE-2025-12781 https://github.com/python/cpython/issues/125346 https://github.com/python/cpython/pull/141128 https://mail.python.org/archives/list/security-announce@python.org/thread/KRI7GC6S27YV5NJ4FPDALS2WI5ENAFJ6/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12781.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iAxBL6sAuYYG5ESjHYw+4g==": { "id": "iAxBL6sAuYYG5ESjHYw+4g==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iIJ3iFT8vGB4mCBd76OYIQ==": { "id": "iIJ3iFT8vGB4mCBd76OYIQ==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iJziBNBVqQTVHt6lbLLDSg==": { "id": "iJziBNBVqQTVHt6lbLLDSg==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "iZHLZ+g3o9R/vUGfKUsh6A==": { "id": "iZHLZ+g3o9R/vUGfKUsh6A==", "updater": "rhel-vex", "name": "CVE-2022-3234", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.", "issued": "2022-09-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3234 https://bugzilla.redhat.com/show_bug.cgi?id=2129370 https://www.cve.org/CVERecord?id=CVE-2022-3234 https://nvd.nist.gov/vuln/detail/CVE-2022-3234 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3234.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "icj6a8bc4dYK/DJNvkU0+A==": { "id": "icj6a8bc4dYK/DJNvkU0+A==", "updater": "rhel-vex", "name": "CVE-2022-41409", "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "issued": "2023-07-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-41409 https://bugzilla.redhat.com/show_bug.cgi?id=2260814 https://www.cve.org/CVERecord?id=CVE-2022-41409 https://nvd.nist.gov/vuln/detail/CVE-2022-41409 https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35 https://github.com/PCRE2Project/pcre2/issues/141 https://github.com/advisories/GHSA-4qfx-v7wh-3q4j https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-41409.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "pcre2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ieASPdYzGxWke8nZZhE02Q==": { "id": "ieASPdYzGxWke8nZZhE02Q==", "updater": "rhel-vex", "name": "CVE-2018-20657", "description": "A vulnerability was found in the demangle_template function in GNU libiberty, as distributed in GNU Binutils, where a memory leak could occur, a specially crafted file could cause the application to consume excessive memory, potentially leading to a crash.", "issued": "2018-12-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2018-20657 https://bugzilla.redhat.com/show_bug.cgi?id=1664708 https://www.cve.org/CVERecord?id=CVE-2018-20657 https://nvd.nist.gov/vuln/detail/CVE-2018-20657 https://security.access.redhat.com/data/csaf/v2/vex/2018/cve-2018-20657.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "itYEG55IaGIvoAtHTB2zJg==": { "id": "itYEG55IaGIvoAtHTB2zJg==", "updater": "rhel-vex", "name": "CVE-2026-26269", "description": "A flaw was found in Vim. A stack-based buffer overflow in the NetBeans integration can be triggered in the special_keys function in the src/netbeans.c file via a malicious NetBeans server due to improper bounds checking, most likely resulting in a denial of service or in arbitrary command execution.", "issued": "2026-02-13T19:18:41Z", "links": "https://access.redhat.com/security/cve/CVE-2026-26269 https://bugzilla.redhat.com/show_bug.cgi?id=2439755 https://www.cve.org/CVERecord?id=CVE-2026-26269 https://nvd.nist.gov/vuln/detail/CVE-2026-26269 https://github.com/vim/vim/commit/c5f312aad8e4179e437f81ad39a860cd0ef11970 https://github.com/vim/vim/releases/tag/v9.1.2148 https://github.com/vim/vim/security/advisories/GHSA-9w5c-hwr9-hc68 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26269.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j1KIfSLRyAo+5FqbDzJbtg==": { "id": "j1KIfSLRyAo+5FqbDzJbtg==", "updater": "rhel-vex", "name": "CVE-2025-5278", "description": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.", "issued": "2025-05-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5278 https://bugzilla.redhat.com/show_bug.cgi?id=2368764 https://www.cve.org/CVERecord?id=CVE-2025-5278 https://nvd.nist.gov/vuln/detail/CVE-2025-5278 https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5278.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "coreutils", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "j3ZqykJHcZEFQ6dcMT9aVw==": { "id": "j3ZqykJHcZEFQ6dcMT9aVw==", "updater": "rhel-vex", "name": "CVE-2022-2819", "description": "A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution.", "issued": "2022-08-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2819 https://bugzilla.redhat.com/show_bug.cgi?id=2118594 https://www.cve.org/CVERecord?id=CVE-2022-2819 https://nvd.nist.gov/vuln/detail/CVE-2022-2819 https://huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2819.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jTwm60AD+XTA3yIHi3iqEQ==": { "id": "jTwm60AD+XTA3yIHi3iqEQ==", "updater": "rhel-vex", "name": "CVE-2024-43802", "description": "A flaw was found in Vim. This issue may allow a heap-buffer overflow via improper management of the typeahead buffer, leading to crashes when error messages occur in combination with several long mappings.", "issued": "2024-08-26T19:15:07Z", "links": "https://access.redhat.com/security/cve/CVE-2024-43802 https://bugzilla.redhat.com/show_bug.cgi?id=2307995 https://www.cve.org/CVERecord?id=CVE-2024-43802 https://nvd.nist.gov/vuln/detail/CVE-2024-43802 https://github.com/vim/vim/commit/322ba9108612bead5eb https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-43802.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jfp+c+PKanOnw+Lw57qE5g==": { "id": "jfp+c+PKanOnw+Lw57qE5g==", "updater": "rhel-vex", "name": "CVE-2025-12084", "description": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`", "issued": "2025-12-03T18:55:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12084 https://bugzilla.redhat.com/show_bug.cgi?id=2418655 https://www.cve.org/CVERecord?id=CVE-2025-12084 https://nvd.nist.gov/vuln/detail/CVE-2025-12084 https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12084.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jgVhVeO9/YbK6QImKhbvLQ==": { "id": "jgVhVeO9/YbK6QImKhbvLQ==", "updater": "rhel-vex", "name": "CVE-2025-15282", "description": "Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "issued": "2026-01-20T21:35:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-15282 https://bugzilla.redhat.com/show_bug.cgi?id=2431366 https://www.cve.org/CVERecord?id=CVE-2025-15282 https://nvd.nist.gov/vuln/detail/CVE-2025-15282 https://github.com/python/cpython/issues/143925 https://github.com/python/cpython/pull/143926 https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15282.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jguV9kU5iHC5V/cF3+b/tg==": { "id": "jguV9kU5iHC5V/cF3+b/tg==", "updater": "rhel-vex", "name": "CVE-2025-3360", "description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "issued": "2025-04-07T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-3360 https://bugzilla.redhat.com/show_bug.cgi?id=2357754 https://www.cve.org/CVERecord?id=CVE-2025-3360 https://nvd.nist.gov/vuln/detail/CVE-2025-3360 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-3360.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "jw1ZiDut5Ot+DyVFjCrixg==": { "id": "jw1ZiDut5Ot+DyVFjCrixg==", "updater": "rhel-vex", "name": "CVE-2020-19188", "description": "A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash, leading to a denial of service.", "issued": "2019-05-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2020-19188 https://bugzilla.redhat.com/show_bug.cgi?id=2234913 https://www.cve.org/CVERecord?id=CVE-2020-19188 https://nvd.nist.gov/vuln/detail/CVE-2020-19188 https://security.access.redhat.com/data/csaf/v2/vex/2020/cve-2020-19188.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "kHYhz+Ju6zcIuR1FCDCg4w==": { "id": "kHYhz+Ju6zcIuR1FCDCg4w==", "updater": "rhel-vex", "name": "CVE-2023-4750", "description": "A flaw was found in Vim, where it is vulnerable to a use-after-free in the bt_quickfix function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim.", "issued": "2023-09-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4750 https://bugzilla.redhat.com/show_bug.cgi?id=2237314 https://www.cve.org/CVERecord?id=CVE-2023-4750 https://nvd.nist.gov/vuln/detail/CVE-2023-4750 https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4750.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l5AEESyfpNpnPm34u+0bTg==": { "id": "l5AEESyfpNpnPm34u+0bTg==", "updater": "rhel-vex", "name": "CVE-2025-11412", "description": "A flaw was found in binutils. Processing a specially crafted object file with the ld linker can trigger an out-of-bounds read in the bfd_elf_gc_record_vtentry function in the bfd/elflink.c file due to a missing sanity check, causing a crash and resulting in a denial of service.", "issued": "2025-10-07T22:02:08Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11412 https://bugzilla.redhat.com/show_bug.cgi?id=2402425 https://www.cve.org/CVERecord?id=CVE-2025-11412 https://nvd.nist.gov/vuln/detail/CVE-2025-11412 https://sourceware.org/bugzilla/show_bug.cgi?id=33452 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=047435dd988a3975d40c6626a8f739a0b2e154bc https://vuldb.com/?id.327348 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11412.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l9DAmrINa0dPyz6ozpbqKQ==": { "id": "l9DAmrINa0dPyz6ozpbqKQ==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "l9THlKxyUvM7UOUHCvs1ow==": { "id": "l9THlKxyUvM7UOUHCvs1ow==", "updater": "rhel-vex", "name": "CVE-2023-4752", "description": "A flaw was found in Vim, where it is vulnerable to a use-after-free in the ins_compl_get_exp function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim.", "issued": "2023-09-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4752 https://bugzilla.redhat.com/show_bug.cgi?id=2237311 https://www.cve.org/CVERecord?id=CVE-2023-4752 https://nvd.nist.gov/vuln/detail/CVE-2023-4752 https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4752.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lFkdER2UVItP2QL8wxaMgQ==": { "id": "lFkdER2UVItP2QL8wxaMgQ==", "updater": "rhel-vex", "name": "CVE-2022-2182", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2182 https://bugzilla.redhat.com/show_bug.cgi?id=2102153 https://www.cve.org/CVERecord?id=CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2182.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lRaCpcZFF+BKGc3aURxKOQ==": { "id": "lRaCpcZFF+BKGc3aURxKOQ==", "updater": "rhel-vex", "name": "CVE-2025-11468", "description": "Missing character filtering has been discovered in Python. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "issued": "2026-01-20T21:09:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11468 https://bugzilla.redhat.com/show_bug.cgi?id=2431375 https://www.cve.org/CVERecord?id=CVE-2025-11468 https://nvd.nist.gov/vuln/detail/CVE-2025-11468 https://github.com/python/cpython/issues/143935 https://github.com/python/cpython/pull/143936 https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11468.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lTxqrYXeYbLpr+nsN3WwrQ==": { "id": "lTxqrYXeYbLpr+nsN3WwrQ==", "updater": "rhel-vex", "name": "CVE-2025-11495", "description": "A heap based buffer overflow flaw has been discovered in the GNU Binutils package. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally.", "issued": "2025-10-08T20:02:07Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11495 https://bugzilla.redhat.com/show_bug.cgi?id=2402584 https://www.cve.org/CVERecord?id=CVE-2025-11495 https://nvd.nist.gov/vuln/detail/CVE-2025-11495 https://sourceware.org/bugzilla/attachment.cgi?id=16393 https://sourceware.org/bugzilla/show_bug.cgi?id=33502 https://sourceware.org/bugzilla/show_bug.cgi?id=33502#c3 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0 https://vuldb.com/?ctiid.327620 https://vuldb.com/?id.327620 https://vuldb.com/?submit.668290 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11495.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lXiQSfkAH0A3O7OqeMnGEQ==": { "id": "lXiQSfkAH0A3O7OqeMnGEQ==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lZiFMI351XcLDHAbozFiVA==": { "id": "lZiFMI351XcLDHAbozFiVA==", "updater": "rhel-vex", "name": "CVE-2025-66865", "description": "A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger a stack overflow in the d_print_comp_inner function in the cp-demangle.c file, causing a crash and resulting in a denial of service.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66865 https://bugzilla.redhat.com/show_bug.cgi?id=2425822 https://www.cve.org/CVERecord?id=CVE-2025-66865 https://nvd.nist.gov/vuln/detail/CVE-2025-66865 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash4.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66865.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "lfVbpkMq8YOg/b4JSebHaw==": { "id": "lfVbpkMq8YOg/b4JSebHaw==", "updater": "rhel-vex", "name": "CVE-2022-2980", "description": "A NULL pointer dereference vulnerability was found in vim's do_mouse() function of the src/mouse.c file. The issue occurs with a mouse click when it is not initialized. This flaw allows an attacker to trick a user into opening a specially crafted input file, triggering the vulnerability that could cause an application to crash.", "issued": "2022-08-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2980 https://bugzilla.redhat.com/show_bug.cgi?id=2123709 https://www.cve.org/CVERecord?id=CVE-2022-2980 https://nvd.nist.gov/vuln/detail/CVE-2022-2980 https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2980.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mI9JKeeVkntTLnpx+TF0Zw==": { "id": "mI9JKeeVkntTLnpx+TF0Zw==", "updater": "rhel-vex", "name": "CVE-2024-41965", "description": "A vulnerability was found in Vim versions before 9.1.0648 that can cause the program to crash. This issue happens when a user abandons a modified file, and Vim tries to save it as an Untitled file. Due to a mistake in handling this process, Vim accidentally tries to free up memory twice, which can lead to problems, causing the program to crash. This issue can be exploited by someone with local access to the system.", "issued": "2024-08-01T22:21:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-41965 https://bugzilla.redhat.com/show_bug.cgi?id=2302419 https://www.cve.org/CVERecord?id=CVE-2024-41965 https://nvd.nist.gov/vuln/detail/CVE-2024-41965 https://github.com/vim/vim/commit/b29f4abcd4b3382fa746edd1d0562b7b48c https://github.com/vim/vim/security/advisories/GHSA-46pw-v7qw-xc2f https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-41965.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mRazAXjBcgFrTolNDZHDsA==": { "id": "mRazAXjBcgFrTolNDZHDsA==", "updater": "rhel-vex", "name": "CVE-2025-6069", "description": "A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.", "issued": "2025-06-17T13:39:46Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6069 https://bugzilla.redhat.com/show_bug.cgi?id=2373234 https://www.cve.org/CVERecord?id=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949 https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41 https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b https://github.com/python/cpython/issues/135462 https://github.com/python/cpython/pull/135464 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6069.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "mzSj3AoO3VuIyyY8gHHX/g==": { "id": "mzSj3AoO3VuIyyY8gHHX/g==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "n15W0TwZ9VZhVkvCzUirNQ==": { "id": "n15W0TwZ9VZhVkvCzUirNQ==", "updater": "rhel-vex", "name": "CVE-2023-48236", "description": "A flaw was found in Vim, an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. The impact is low because user interaction is required and a crash may not happen in all situations.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48236 https://bugzilla.redhat.com/show_bug.cgi?id=2250273 https://www.cve.org/CVERecord?id=CVE-2023-48236 https://nvd.nist.gov/vuln/detail/CVE-2023-48236 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/73b2d3790cad5694fc0ed0db2926e4220c48d968 https://github.com/vim/vim/security/advisories/GHSA-pr4c-932v-8hx5 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48236.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "n83jaRl/T6kiaoMyWtX8xw==": { "id": "n83jaRl/T6kiaoMyWtX8xw==", "updater": "rhel-vex", "name": "CVE-2021-24032", "description": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).", "issued": "2021-02-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-24032 https://bugzilla.redhat.com/show_bug.cgi?id=1928090 https://www.cve.org/CVERecord?id=CVE-2021-24032 https://nvd.nist.gov/vuln/detail/CVE-2021-24032 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-24032.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "zstd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "nPacRRVDC7G1d2+ku8zXJQ==": { "id": "nPacRRVDC7G1d2+ku8zXJQ==", "updater": "rhel-vex", "name": "CVE-2023-4735", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.", "issued": "2023-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4735 https://bugzilla.redhat.com/show_bug.cgi?id=2237165 https://www.cve.org/CVERecord?id=CVE-2023-4735 https://nvd.nist.gov/vuln/detail/CVE-2023-4735 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4735.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "nYtstWEUOCTbjAlmYOKURA==": { "id": "nYtstWEUOCTbjAlmYOKURA==", "updater": "rhel-vex", "name": "CVE-2025-4516", "description": "A vulnerability has been identified in CPython's bytes.decode() function when used with the \"unicode_escape\" encoding and the \"ignore\" or \"replace\" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality.", "issued": "2025-05-15T13:29:20Z", "links": "https://access.redhat.com/security/cve/CVE-2025-4516 https://bugzilla.redhat.com/show_bug.cgi?id=2366509 https://www.cve.org/CVERecord?id=CVE-2025-4516 https://nvd.nist.gov/vuln/detail/CVE-2025-4516 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142 https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e https://github.com/python/cpython/issues/133767 https://github.com/python/cpython/pull/129648 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-4516.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ngbKDtxhn33NKWC2lhOQNQ==": { "id": "ngbKDtxhn33NKWC2lhOQNQ==", "updater": "rhel-vex", "name": "CVE-2026-1485", "description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1485 https://bugzilla.redhat.com/show_bug.cgi?id=2433325 https://www.cve.org/CVERecord?id=CVE-2026-1485 https://nvd.nist.gov/vuln/detail/CVE-2026-1485 https://gitlab.gnome.org/GNOME/glib/-/issues/3871 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1485.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npBrFSWnZYxq9cizdfDfCQ==": { "id": "npBrFSWnZYxq9cizdfDfCQ==", "updater": "rhel-vex", "name": "CVE-2026-1489", "description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1489 https://bugzilla.redhat.com/show_bug.cgi?id=2433348 https://www.cve.org/CVERecord?id=CVE-2026-1489 https://nvd.nist.gov/vuln/detail/CVE-2026-1489 https://gitlab.gnome.org/GNOME/glib/-/issues/3872 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1489.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "npQpPXYG8xMJ1LRSVSnKGA==": { "id": "npQpPXYG8xMJ1LRSVSnKGA==", "updater": "rhel-vex", "name": "CVE-2025-8114", "description": "A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.", "issued": "2025-07-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8114 https://bugzilla.redhat.com/show_bug.cgi?id=2383220 https://www.cve.org/CVERecord?id=CVE-2025-8114 https://nvd.nist.gov/vuln/detail/CVE-2025-8114 https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9 https://www.libssh.org/security/advisories/CVE-2025-8114.txt https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8114.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "oK9oPvrpHd64fnZC33FqWQ==": { "id": "oK9oPvrpHd64fnZC33FqWQ==", "updater": "rhel-vex", "name": "CVE-2024-35195", "description": "An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification.", "issued": "2024-05-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-35195 https://bugzilla.redhat.com/show_bug.cgi?id=2282114 https://www.cve.org/CVERecord?id=CVE-2024-35195 https://nvd.nist.gov/vuln/detail/CVE-2024-35195 https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56 https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-35195.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "oTcCYgyQzzwP5CSMcm0fgw==": { "id": "oTcCYgyQzzwP5CSMcm0fgw==", "updater": "rhel-vex", "name": "CVE-2026-3644", "description": "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "issued": "2026-03-16T17:37:31Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2448168 https://www.cve.org/CVERecord?id=CVE-2026-3644 https://nvd.nist.gov/vuln/detail/CVE-2026-3644 https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4 https://github.com/python/cpython/issues/145599 https://github.com/python/cpython/pull/145600 https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3644.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ob+uYMwmWV+c5hgfuQcS4g==": { "id": "ob+uYMwmWV+c5hgfuQcS4g==", "updater": "rhel-vex", "name": "CVE-2026-2297", "description": "A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. This oversight could enable malicious activities to go undetected, compromising the integrity of the system.", "issued": "2026-03-04T22:10:43Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2297 https://bugzilla.redhat.com/show_bug.cgi?id=2444691 https://www.cve.org/CVERecord?id=CVE-2026-2297 https://nvd.nist.gov/vuln/detail/CVE-2026-2297 https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86 https://github.com/python/cpython/issues/145506 https://github.com/python/cpython/pull/145507 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2297.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "okc7CXh1NpRPB/Al5CqVEQ==": { "id": "okc7CXh1NpRPB/Al5CqVEQ==", "updater": "rhel-vex", "name": "CVE-2025-12084", "description": "A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in `xml.dom.minidom` methods, such as `appendChild()`, when building excessively nested documents due to a dependency on `_clear_id_cache()`", "issued": "2025-12-03T18:55:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-12084 https://bugzilla.redhat.com/show_bug.cgi?id=2418655 https://www.cve.org/CVERecord?id=CVE-2025-12084 https://nvd.nist.gov/vuln/detail/CVE-2025-12084 https://github.com/python/cpython/issues/142145 https://github.com/python/cpython/pull/142146 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12084.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "oyxA82zmAaBe+3q0DsXvlg==": { "id": "oyxA82zmAaBe+3q0DsXvlg==", "updater": "rhel-vex", "name": "CVE-2022-1720", "description": "A heap buffer over-read vulnerability was found in Vim's grab_file_name() function of the src/findfile.c file. This flaw occurs because the function reads after the NULL terminates the line with \"gf\" in Visual block mode. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer over-read vulnerability that causes an application to crash and corrupt memory.", "issued": "2022-05-13T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-1720 https://bugzilla.redhat.com/show_bug.cgi?id=2099979 https://www.cve.org/CVERecord?id=CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-1720.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "p2qAiuM4AsdQ5J4fBWvbBA==": { "id": "p2qAiuM4AsdQ5J4fBWvbBA==", "updater": "rhel-vex", "name": "CVE-2025-14512", "description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "issued": "2025-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14512 https://bugzilla.redhat.com/show_bug.cgi?id=2421339 https://www.cve.org/CVERecord?id=CVE-2025-14512 https://nvd.nist.gov/vuln/detail/CVE-2025-14512 https://gitlab.gnome.org/GNOME/glib/-/issues/3845 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14512.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pHGzp9VrblcbScC5+Smlsw==": { "id": "pHGzp9VrblcbScC5+Smlsw==", "updater": "rhel-vex", "name": "CVE-2022-2287", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.", "issued": "2022-07-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2287 https://bugzilla.redhat.com/show_bug.cgi?id=2103876 https://www.cve.org/CVERecord?id=CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2287.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pNvSycGn7gLye4CiTp9Jfg==": { "id": "pNvSycGn7gLye4CiTp9Jfg==", "updater": "rhel-vex", "name": "CVE-2025-66861", "description": "A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger an out-of-bounds read in the d_unqualified_name function in the cp-demangle.c file, causing a crash and resulting in a denial of service.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66861 https://bugzilla.redhat.com/show_bug.cgi?id=2425823 https://www.cve.org/CVERecord?id=CVE-2025-66861 https://nvd.nist.gov/vuln/detail/CVE-2025-66861 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash1.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66861.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pjb5LKdJAfqIzj4N6YBwUQ==": { "id": "pjb5LKdJAfqIzj4N6YBwUQ==", "updater": "rhel-vex", "name": "CVE-2024-11053", "description": "A flaw was found in curl. A logic error when processing credentials from the .netrc file while performing redirects allows the transfer of credentials from the original host to the followed-to host under certain circumstances, leaking the credentials to the followed-to host.", "issued": "2024-12-11T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-11053 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://www.cve.org/CVERecord?id=CVE-2024-11053 https://nvd.nist.gov/vuln/detail/CVE-2024-11053 https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-11053.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pmCB2EtMSe61wNVwqFFrnA==": { "id": "pmCB2EtMSe61wNVwqFFrnA==", "updater": "rhel-vex", "name": "CVE-2023-4751", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.", "issued": "2023-09-03T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-4751 https://bugzilla.redhat.com/show_bug.cgi?id=2237187 https://www.cve.org/CVERecord?id=CVE-2023-4751 https://nvd.nist.gov/vuln/detail/CVE-2023-4751 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-4751.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "pzg14a+qOI6g7i9Au06u2g==": { "id": "pzg14a+qOI6g7i9Au06u2g==", "updater": "rhel-vex", "name": "CVE-2022-0391", "description": "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.", "issued": "2021-04-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-0391 https://bugzilla.redhat.com/show_bug.cgi?id=2047376 https://www.cve.org/CVERecord?id=CVE-2022-0391 https://nvd.nist.gov/vuln/detail/CVE-2022-0391 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-0391.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qC/lM94bJkHuTCcx6Z47mQ==": { "id": "qC/lM94bJkHuTCcx6Z47mQ==", "updater": "rhel-vex", "name": "CVE-2026-32778", "description": "A flaw was found in libexpat. This vulnerability allows an attacker to trigger a NULL pointer dereference in the `setContext` function. This occurs when the system attempts to retry an operation after an out-of-memory condition, which can lead to a Denial of Service (DoS) for the affected application.", "issued": "2026-03-16T07:02:34Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32778 https://bugzilla.redhat.com/show_bug.cgi?id=2447885 https://www.cve.org/CVERecord?id=CVE-2026-32778 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32778.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qLKE5FPE1uFy2EI3DXoXng==": { "id": "qLKE5FPE1uFy2EI3DXoXng==", "updater": "rhel-vex", "name": "CVE-2022-2125", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2125 https://bugzilla.redhat.com/show_bug.cgi?id=2099590 https://www.cve.org/CVERecord?id=CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2125.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qQlDfDcxbClFscvUpgpkzw==": { "id": "qQlDfDcxbClFscvUpgpkzw==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qXNASosSuCsudML1MqXPjw==": { "id": "qXNASosSuCsudML1MqXPjw==", "updater": "rhel-vex", "name": "CVE-2023-27534", "description": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "issued": "2023-03-20T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-27534 https://bugzilla.redhat.com/show_bug.cgi?id=2179069 https://www.cve.org/CVERecord?id=CVE-2023-27534 https://nvd.nist.gov/vuln/detail/CVE-2023-27534 https://curl.se/docs/CVE-2023-27534.html https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-27534.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "qzacS0b7CmuysOF4NB9bew==": { "id": "qzacS0b7CmuysOF4NB9bew==", "updater": "rhel-vex", "name": "CVE-2022-2923", "description": "A flaw was found in vim, where it is vulnerable to a NULL pointer dereference in the sug_filltree function. This flaw allows a specially crafted file to crash the software.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2923 https://bugzilla.redhat.com/show_bug.cgi?id=2120989 https://www.cve.org/CVERecord?id=CVE-2022-2923 https://nvd.nist.gov/vuln/detail/CVE-2022-2923 https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2923.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "r9BDsmDLqKI78VyZcCu5BQ==": { "id": "r9BDsmDLqKI78VyZcCu5BQ==", "updater": "rhel-vex", "name": "CVE-2026-3479", "description": "A flaw was found in Python's `pkgutil.get_data()` function, which is used to retrieve data from packages. This function did not properly validate the `resource` argument, allowing a local attacker to perform path traversal attacks. Path traversal enables an attacker to access files and directories stored outside the intended root directory, potentially leading to information disclosure or unintended file access.", "issued": "2026-03-18T18:13:42Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3479 https://bugzilla.redhat.com/show_bug.cgi?id=2448746 https://www.cve.org/CVERecord?id=CVE-2026-3479 https://nvd.nist.gov/vuln/detail/CVE-2026-3479 https://github.com/python/cpython/issues/146121 https://github.com/python/cpython/pull/146122 https://mail.python.org/archives/list/security-announce@python.org/thread/WYLLVQOOCKGK73JM7Z7ZSNOJC4N7BAWY/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3479.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-chardet", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rCI1GSL47zJlliQotxXM4Q==": { "id": "rCI1GSL47zJlliQotxXM4Q==", "updater": "rhel-vex", "name": "CVE-2026-2673", "description": "A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the \"DEFAULT\" keyword. A less preferred key exchange may be used even when a more preferred group is supported by both client and server, if the group was not included among the client's initial predicated keyshares. This will sometimes be the case with the new hybrid post-quantum groups, if the client chooses to defer their use until specifically requested by the server. No OpenSSL FIPS modules are affected by this issue, the code in question lies outside the FIPS boundary.", "issued": "2026-03-13T13:23:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-2673 https://bugzilla.redhat.com/show_bug.cgi?id=2447327 https://www.cve.org/CVERecord?id=CVE-2026-2673 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://openssl-library.org/news/secadv/20260313.txt https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2673.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rEg00U8+//igCt+0+QBUhA==": { "id": "rEg00U8+//igCt+0+QBUhA==", "updater": "rhel-vex", "name": "CVE-2023-50495", "description": "A vulnerability was found in the NCurses package, where a segmentation fault may be triggered through _nc_wrap_entry().", "issued": "2023-12-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-50495 https://bugzilla.redhat.com/show_bug.cgi?id=2254244 https://www.cve.org/CVERecord?id=CVE-2023-50495 https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-50495.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rGA6qmM/6m0TL55H2C5Ipw==": { "id": "rGA6qmM/6m0TL55H2C5Ipw==", "updater": "rhel-vex", "name": "CVE-2025-69645", "description": "A flaw was found in binutils, specifically in the `objdump` utility. A local attacker can exploit this vulnerability by providing a specially crafted binary file containing malformed DWARF (Debugging With Attributed Record Formats) debug information. This can lead to a logic error during the processing of DWARF compilation units, causing the `objdump` utility to crash and resulting in a denial of service.", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69645 https://bugzilla.redhat.com/show_bug.cgi?id=2445261 https://www.cve.org/CVERecord?id=CVE-2025-69645 https://nvd.nist.gov/vuln/detail/CVE-2025-69645 https://sourceware.org/bugzilla/show_bug.cgi?id=33637 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cdb728d4da6184631989b192f1022c219dea7677 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69645.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rT/p3P1cyaL5OCy5Hg0CnA==": { "id": "rT/p3P1cyaL5OCy5Hg0CnA==", "updater": "rhel-vex", "name": "CVE-2025-69650", "description": "A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed relocation data with the readelf program can trigger a double free, causing a crash and resulting in a denial of service.", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69650 https://bugzilla.redhat.com/show_bug.cgi?id=2445293 https://www.cve.org/CVERecord?id=CVE-2025-69650 https://nvd.nist.gov/vuln/detail/CVE-2025-69650 https://sourceware.org/bugzilla/show_bug.cgi?id=33698 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4bc025abdba85a90e26e13f551c16a44bfa921 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69650.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rVgBV65FWtFg3jitEqotFA==": { "id": "rVgBV65FWtFg3jitEqotFA==", "updater": "rhel-vex", "name": "CVE-2024-0727", "description": "A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the \"type\" is a valid value, which can lead to a null dereference error that may cause a denial of service.", "issued": "2024-01-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/show_bug.cgi?id=2259944 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://github.com/openssl/openssl/pull/23362 https://www.openssl.org/news/secadv/20240125.txt https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0727.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rfyVleP0iFAaKAccoWyLNQ==": { "id": "rfyVleP0iFAaKAccoWyLNQ==", "updater": "rhel-vex", "name": "CVE-2026-3805", "description": "A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.", "issued": "2026-03-11T10:09:37Z", "links": "https://access.redhat.com/security/cve/CVE-2026-3805 https://bugzilla.redhat.com/show_bug.cgi?id=2446451 https://www.cve.org/CVERecord?id=CVE-2026-3805 https://nvd.nist.gov/vuln/detail/CVE-2026-3805 http://www.openwall.com/lists/oss-security/2026/03/11/4 https://curl.se/docs/CVE-2026-3805.html https://curl.se/docs/CVE-2026-3805.json https://hackerone.com/reports/3591944 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3805.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rqf46kw9jZLI5z1fh/xT8g==": { "id": "rqf46kw9jZLI5z1fh/xT8g==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "rsUrSOvGFqydtwDl/XfHQw==": { "id": "rsUrSOvGFqydtwDl/XfHQw==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ruDQdx7OmIsgMCpioWbqOQ==": { "id": "ruDQdx7OmIsgMCpioWbqOQ==", "updater": "rhel-vex", "name": "CVE-2025-5351", "description": "A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.", "issued": "2025-06-24T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-5351 https://bugzilla.redhat.com/show_bug.cgi?id=2369367 https://www.cve.org/CVERecord?id=CVE-2025-5351 https://nvd.nist.gov/vuln/detail/CVE-2025-5351 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-5351.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "s7NL2WGVLmkaKjdGB9zKcw==": { "id": "s7NL2WGVLmkaKjdGB9zKcw==", "updater": "rhel-vex", "name": "CVE-2026-0992", "description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "issued": "2026-01-15T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0992 https://bugzilla.redhat.com/show_bug.cgi?id=2429975 https://www.cve.org/CVERecord?id=CVE-2026-0992 https://nvd.nist.gov/vuln/detail/CVE-2026-0992 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0992.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sBYvcFP4mXzEXdJ/rjm0Gg==": { "id": "sBYvcFP4mXzEXdJ/rjm0Gg==", "updater": "rhel-vex", "name": "CVE-2025-11840", "description": "A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. This patch is called 16357. It is best practice to apply a patch to resolve this issue.", "issued": "2025-10-16T15:32:11Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11840 https://bugzilla.redhat.com/show_bug.cgi?id=2404481 https://www.cve.org/CVERecord?id=CVE-2025-11840 https://nvd.nist.gov/vuln/detail/CVE-2025-11840 https://sourceware.org/bugzilla/attachment.cgi?id=16351 https://sourceware.org/bugzilla/attachment.cgi?id=16357 https://sourceware.org/bugzilla/show_bug.cgi?id=33455 https://vuldb.com/?ctiid.328775 https://vuldb.com/?id.328775 https://vuldb.com/?submit.661281 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11840.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sGwL9v57mGx7f18qBkIacA==": { "id": "sGwL9v57mGx7f18qBkIacA==", "updater": "rhel-vex", "name": "CVE-2025-6075", "description": "A vulnerability in Python’s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.", "issued": "2025-10-31T16:41:34Z", "links": "https://access.redhat.com/security/cve/CVE-2025-6075 https://bugzilla.redhat.com/show_bug.cgi?id=2408891 https://www.cve.org/CVERecord?id=CVE-2025-6075 https://nvd.nist.gov/vuln/detail/CVE-2025-6075 https://github.com/python/cpython/issues/136065 https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-6075.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sRVcQFAdq4Ll42smqacaCw==": { "id": "sRVcQFAdq4Ll42smqacaCw==", "updater": "rhel-vex", "name": "CVE-2022-27943", "description": "A flaw was found in binutils, where GNU GCC is vulnerable to a denial of service caused by a stack consumption in the demangle_const() function in libiberty/rust-demangle.c. The vulnerability exists due to the application not properly controlling the consumption of internal resources. By persuading a victim to open a specially-crafted file, an attacker could cause a denial of service.", "issued": "2022-03-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-27943 https://bugzilla.redhat.com/show_bug.cgi?id=2071728 https://www.cve.org/CVERecord?id=CVE-2022-27943 https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-27943.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gcc", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sThg2GGoKqa1RTJ5skEJTA==": { "id": "sThg2GGoKqa1RTJ5skEJTA==", "updater": "rhel-vex", "name": "CVE-2026-24883", "description": "A flaw was found in GnuPG. A remote attacker could provide a specially crafted long signature packet that, when processed, causes the application to crash. This vulnerability leads to a denial of service (DoS), making the GnuPG application unavailable to legitimate users.", "issued": "2026-01-27T18:43:18Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24883 https://bugzilla.redhat.com/show_bug.cgi?id=2433463 https://www.cve.org/CVERecord?id=CVE-2026-24883 https://nvd.nist.gov/vuln/detail/CVE-2026-24883 https://dev.gnupg.org/T8049 https://www.openwall.com/lists/oss-security/2026/01/27/8 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24883.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sTuin1fHrs1c1UVtMJopog==": { "id": "sTuin1fHrs1c1UVtMJopog==", "updater": "rhel-vex", "name": "CVE-2025-69644", "description": "A flaw was found in binutils. A local attacker can exploit a logic flaw in the handling of DWARF (Debugging With Attributed Record Formats) location list headers within the objdump utility. By supplying a crafted binary with malformed debug information, the attacker can cause objdump to enter an unbounded loop, leading to excessive resource consumption and a Denial of Service (DoS).", "issued": "2026-03-06T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69644 https://bugzilla.redhat.com/show_bug.cgi?id=2445263 https://www.cve.org/CVERecord?id=CVE-2025-69644 https://nvd.nist.gov/vuln/detail/CVE-2025-69644 https://sourceware.org/bugzilla/show_bug.cgi?id=33639 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69644.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "sWRmdgywcsHIoX3oPAJtAg==": { "id": "sWRmdgywcsHIoX3oPAJtAg==", "updater": "rhel-vex", "name": "CVE-2025-69647", "description": "A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF loclists data with the readelf program can trigger an infinite loop and result in a denial of service.", "issued": "2026-03-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69647 https://bugzilla.redhat.com/show_bug.cgi?id=2445773 https://www.cve.org/CVERecord?id=CVE-2025-69647 https://nvd.nist.gov/vuln/detail/CVE-2025-69647 https://sourceware.org/bugzilla/show_bug.cgi?id=33640 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69647.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t3XJyztcU9aOXTMLI8NRmA==": { "id": "t3XJyztcU9aOXTMLI8NRmA==", "updater": "rhel-vex", "name": "CVE-2026-29111", "description": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).", "issued": "2026-03-23T21:03:56Z", "links": "https://access.redhat.com/security/cve/CVE-2026-29111 https://bugzilla.redhat.com/show_bug.cgi?id=2450505 https://www.cve.org/CVERecord?id=CVE-2026-29111 https://nvd.nist.gov/vuln/detail/CVE-2026-29111 https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6 https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412 https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69 https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6 https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8 https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29111.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "systemd", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "t4oe6DBPNf5Ikk93RfTdig==": { "id": "t4oe6DBPNf5Ikk93RfTdig==", "updater": "rhel-vex", "name": "CVE-2019-12904", "description": "[Disputed] A vulnerability has been identified in Libgcrypt due to a flaw in its C implementation of AES. This vulnerability enables a remote attacker to perform a flush-and-reload side-channel attack, potentially accessing sensitive information. The vulnerability arises from the availability of physical addresses to other processes, particularly on platforms lacking an assembly-language implementation.", "issued": "2019-07-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-12904 https://bugzilla.redhat.com/show_bug.cgi?id=1730320 https://www.cve.org/CVERecord?id=CVE-2019-12904 https://nvd.nist.gov/vuln/detail/CVE-2019-12904 https://dev.gnupg.org/T4541 https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-12904.json", "severity": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "libgcrypt", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tKFk/n8cqeI/DEWGhNRBKg==": { "id": "tKFk/n8cqeI/DEWGhNRBKg==", "updater": "rhel-vex", "name": "CVE-2021-28861", "description": "A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure.", "issued": "2022-08-22T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-28861 https://bugzilla.redhat.com/show_bug.cgi?id=2120642 https://www.cve.org/CVERecord?id=CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-28861.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-six", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tLOw8PAN9mzYZxWt6mD1ow==": { "id": "tLOw8PAN9mzYZxWt6mD1ow==", "updater": "rhel-vex", "name": "CVE-2022-2284", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.", "issued": "2022-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2284 https://bugzilla.redhat.com/show_bug.cgi?id=2103872 https://www.cve.org/CVERecord?id=CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2284.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tYeLT/YUKIk7yaK07WvPeA==": { "id": "tYeLT/YUKIk7yaK07WvPeA==", "updater": "rhel-vex", "name": "CVE-2026-32776", "description": "A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service (DoS).", "issued": "2026-03-16T06:54:20Z", "links": "https://access.redhat.com/security/cve/CVE-2026-32776 https://bugzilla.redhat.com/show_bug.cgi?id=2447888 https://www.cve.org/CVERecord?id=CVE-2026-32776 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32776.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tZ+vYPiNA0aFBAjNAg2BBA==": { "id": "tZ+vYPiNA0aFBAjNAg2BBA==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tcbkGRTZhVmCmR0Fj2T46A==": { "id": "tcbkGRTZhVmCmR0Fj2T46A==", "updater": "rhel-vex", "name": "CVE-2022-1619", "description": "A flaw was found in vim, which is vulnerable to a heap-buffer-overflow in cmdline_erase_chars of the ex_getln.c function. This flaw allows a specially crafted file to crash software, modify memory or execute code when opened in vim.", "issued": "2022-05-08T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-1619 https://bugzilla.redhat.com/show_bug.cgi?id=2083026 https://www.cve.org/CVERecord?id=CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450/ https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-1619.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tlWVK61iOpKPkvmeShS9AQ==": { "id": "tlWVK61iOpKPkvmeShS9AQ==", "updater": "rhel-vex", "name": "CVE-2025-69421", "description": "A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) by providing a specially crafted, malformed PKCS#12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function when handling the malformed file, leading to an application crash.", "issued": "2026-01-27T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-69421 https://bugzilla.redhat.com/show_bug.cgi?id=2430387 https://www.cve.org/CVERecord?id=CVE-2025-69421 https://nvd.nist.gov/vuln/detail/CVE-2025-69421 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69421.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "openssl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "tnBbKyfWYMq7GMqd8UCfIw==": { "id": "tnBbKyfWYMq7GMqd8UCfIw==", "updater": "rhel-vex", "name": "CVE-2025-70873", "description": "A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.", "issued": "2026-03-12T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-70873 https://bugzilla.redhat.com/show_bug.cgi?id=2447086 https://www.cve.org/CVERecord?id=CVE-2025-70873 https://nvd.nist.gov/vuln/detail/CVE-2025-70873 https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054 https://sqlite.org/forum/forumpost/761eac3c82 https://sqlite.org/src/info/3d459f1fb1bd1b5e https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-70873.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "u/X06CuToB1iN5N9GbzWVw==": { "id": "u/X06CuToB1iN5N9GbzWVw==", "updater": "rhel-vex", "name": "CVE-2025-1795", "description": "A flaw was found in Python. When a separating comma ends up on a folded line during an address list folding of email headers, the comma is unintentionally unicode encoded. The expected behavior is that the separating comma remains unencoded. This can result in the address header being misinterpreted by some mail servers.", "issued": "2025-02-28T18:59:31Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1795 https://bugzilla.redhat.com/show_bug.cgi?id=2349061 https://www.cve.org/CVERecord?id=CVE-2025-1795 https://nvd.nist.gov/vuln/detail/CVE-2025-1795 https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 https://github.com/python/cpython/issues/100884 https://github.com/python/cpython/pull/100885 https://github.com/python/cpython/pull/119099 https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1795.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uAci/4Fs/JlJzVgJzxphrQ==": { "id": "uAci/4Fs/JlJzVgJzxphrQ==", "updater": "rhel-vex", "name": "CVE-2026-0672", "description": "An injection flaw has been discovered in Python. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "issued": "2026-01-20T21:52:33Z", "links": "https://access.redhat.com/security/cve/CVE-2026-0672 https://bugzilla.redhat.com/show_bug.cgi?id=2431374 https://www.cve.org/CVERecord?id=CVE-2026-0672 https://nvd.nist.gov/vuln/detail/CVE-2026-0672 https://github.com/python/cpython/issues/143919 https://github.com/python/cpython/pull/143920 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0672.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "python-pysocks", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uEggs7thHCRp4eZu5EDH0A==": { "id": "uEggs7thHCRp4eZu5EDH0A==", "updater": "rhel-vex", "name": "CVE-2026-27171", "description": "A flaw was found in zlib. An attacker providing specially crafted input to the `crc32_combine64` or `crc32_combine_gen64` functions could trigger an infinite loop within the `x2nmodp` function. This leads to excessive CPU consumption, which can result in a Denial of Service (DoS) for the affected system.", "issued": "2026-02-18T02:36:19Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27171 https://bugzilla.redhat.com/show_bug.cgi?id=2440530 https://www.cve.org/CVERecord?id=CVE-2026-27171 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://ostif.org/zlib-audit-complete/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27171.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "zlib", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "uxd8tIEkk+r2hWTEgvyv8w==": { "id": "uxd8tIEkk+r2hWTEgvyv8w==", "updater": "rhel-vex", "name": "CVE-2019-9936", "description": "In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.", "issued": "2019-03-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2019-9936 https://bugzilla.redhat.com/show_bug.cgi?id=1692365 https://www.cve.org/CVERecord?id=CVE-2019-9936 https://nvd.nist.gov/vuln/detail/CVE-2019-9936 https://security.access.redhat.com/data/csaf/v2/vex/2019/cve-2019-9936.json", "severity": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "normalized_severity": "Low", "package": { "id": "", "name": "sqlite", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "v1exQXePimNPt3tveLBP9g==": { "id": "v1exQXePimNPt3tveLBP9g==", "updater": "rhel-vex", "name": "CVE-2026-1965", "description": "A flaw was found in curl. When an application uses libcurl to make multiple Negotiate-authenticated HTTP or HTTPS requests to the same server with different credentials, libcurl may incorrectly reuse an existing connection. This logical error can cause a subsequent request to be sent using the authentication of a previous user, leading to an authentication bypass.", "issued": "2026-03-11T10:08:52Z", "links": "https://access.redhat.com/security/cve/CVE-2026-1965 https://bugzilla.redhat.com/show_bug.cgi?id=2446448 https://www.cve.org/CVERecord?id=CVE-2026-1965 https://nvd.nist.gov/vuln/detail/CVE-2026-1965 https://curl.se/docs/CVE-2026-1965.html https://curl.se/docs/CVE-2026-1965.json https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1965.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vKF+PqGSwcXxm6TEvKrmHQ==": { "id": "vKF+PqGSwcXxm6TEvKrmHQ==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python-urllib3", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vODDkh0Xio9BdIUC//k+Tg==": { "id": "vODDkh0Xio9BdIUC//k+Tg==", "updater": "rhel-vex", "name": "CVE-2021-4166", "description": "A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.", "issued": "2021-12-25T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-4166 https://bugzilla.redhat.com/show_bug.cgi?id=2035928 https://www.cve.org/CVERecord?id=CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-4166.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vZk6bNDV+PPvFMQ3TWO9Yw==": { "id": "vZk6bNDV+PPvFMQ3TWO9Yw==", "updater": "rhel-vex", "name": "CVE-2025-66866", "description": "A flaw was found in BinUtils. An attacker can exploit a vulnerability in the `d_abi_tags` function within the `cp-demangle.c` file by providing a specially crafted Portable Executable (PE) file. This can lead to a Denial of Service (DoS), making the affected application unavailable to legitimate users.", "issued": "2025-12-29T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-66866 https://bugzilla.redhat.com/show_bug.cgi?id=2425830 https://www.cve.org/CVERecord?id=CVE-2025-66866 https://nvd.nist.gov/vuln/detail/CVE-2025-66866 https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash6.md https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66866.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vkkAe7ll5XpaHgUf9R8vHw==": { "id": "vkkAe7ll5XpaHgUf9R8vHw==", "updater": "rhel-vex", "name": "CVE-2024-0397", "description": "A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time that certificates are loaded into the SSLContext, such as during the TLS handshake with a configured certificate directory.", "issued": "2024-06-17T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2024-0397 https://bugzilla.redhat.com/show_bug.cgi?id=2301891 https://www.cve.org/CVERecord?id=CVE-2024-0397 https://nvd.nist.gov/vuln/detail/CVE-2024-0397 https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/ https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-0397.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "vxcSjXFOqf60y7YqP4UCDA==": { "id": "vxcSjXFOqf60y7YqP4UCDA==", "updater": "rhel-vex", "name": "CVE-2022-2206", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "issued": "2022-06-26T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2206 https://bugzilla.redhat.com/show_bug.cgi?id=2102188 https://www.cve.org/CVERecord?id=CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2206.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "w6xdceA2aT6wh+ad3AaSOA==": { "id": "w6xdceA2aT6wh+ad3AaSOA==", "updater": "rhel-vex", "name": "CVE-2026-4224", "description": "A stack overflow flaw has been discovered in the python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. This will result in a program crash.", "issued": "2026-03-16T17:52:26Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4224 https://bugzilla.redhat.com/show_bug.cgi?id=2448181 https://www.cve.org/CVERecord?id=CVE-2026-4224 https://nvd.nist.gov/vuln/detail/CVE-2026-4224 https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4224.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-requests", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wFLrNWluooIS2aG6G8OZbg==": { "id": "wFLrNWluooIS2aG6G8OZbg==", "updater": "rhel-vex", "name": "CVE-2026-4519", "description": "A flaw was found in Python. The `webbrowser.open()` API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options, which could lead to unexpected behavior, information disclosure, or potentially arbitrary code execution, impacting the integrity of the system.", "issued": "2026-03-20T15:08:32Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4519 https://bugzilla.redhat.com/show_bug.cgi?id=2449649 https://www.cve.org/CVERecord?id=CVE-2026-4519 https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4519.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "normalized_severity": "High", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wbBiCPikq6Iz02EPsysTgA==": { "id": "wbBiCPikq6Iz02EPsysTgA==", "updater": "rhel-vex", "name": "CVE-2025-14017", "description": "A flaw was found in curl. When performing multi-threaded LDAPS (Lightweight Directory Access Protocol Secure) transfers, changes to Transport Layer Security (TLS) options in one thread could inadvertently apply globally, affecting other concurrent transfers. This could lead to unintended security posture changes, such as disabling certificate verification for other threads. This vulnerability can result in a security bypass, where expected security checks are not performed.", "issued": "2026-01-08T10:07:05Z", "links": "https://access.redhat.com/security/cve/CVE-2025-14017 https://bugzilla.redhat.com/show_bug.cgi?id=2427870 https://www.cve.org/CVERecord?id=CVE-2025-14017 https://nvd.nist.gov/vuln/detail/CVE-2025-14017 https://curl.se/docs/CVE-2025-14017.html https://curl.se/docs/CVE-2025-14017.json https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14017.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "normalized_severity": "Medium", "package": { "id": "", "name": "curl", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wxS+u/uf8o4sT9iSccXQwA==": { "id": "wxS+u/uf8o4sT9iSccXQwA==", "updater": "rhel-vex", "name": "CVE-2026-4426", "description": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.", "issued": "2026-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2026-4426 https://bugzilla.redhat.com/show_bug.cgi?id=2449010 https://www.cve.org/CVERecord?id=CVE-2026-4426 https://nvd.nist.gov/vuln/detail/CVE-2026-4426 https://github.com/libarchive/libarchive/pull/2897 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4426.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libarchive", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "wzO6X60AD1qA1z8OFms8gw==": { "id": "wzO6X60AD1qA1z8OFms8gw==", "updater": "rhel-vex", "name": "CVE-2022-2946", "description": "A flaw was found in vim, where it is vulnerable to a use-after-free in the vim_vsnprintf_typval function. This flaw allows a specially crafted file to crash a program, use unexpected values, or execute code.", "issued": "2022-08-23T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2946 https://bugzilla.redhat.com/show_bug.cgi?id=2120993 https://www.cve.org/CVERecord?id=CVE-2022-2946 https://nvd.nist.gov/vuln/detail/CVE-2022-2946 https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2946.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "x5WWACM5RnrcZWvM+VyVxQ==": { "id": "x5WWACM5RnrcZWvM+VyVxQ==", "updater": "rhel-vex", "name": "CVE-2025-11413", "description": "A flaw was found in binutils. Processing a specially crafted object file with the ld linker can trigger an out-of-bounds write in the bfd_putl64 function in the bfd/libbfd.c file due to an improper check, causing a crash and resulting in a denial of service.", "issued": "2025-10-07T22:02:12Z", "links": "https://access.redhat.com/security/cve/CVE-2025-11413 https://bugzilla.redhat.com/show_bug.cgi?id=2402423 https://www.cve.org/CVERecord?id=CVE-2025-11413 https://nvd.nist.gov/vuln/detail/CVE-2025-11413 https://sourceware.org/bugzilla/show_bug.cgi?id=33456 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0 https://vuldb.com/?id.327349 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-11413.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xC6goBMNaiJLse0Qcl+aEQ==": { "id": "xC6goBMNaiJLse0Qcl+aEQ==", "updater": "rhel-vex", "name": "CVE-2022-3235", "description": "Use After Free in GitHub repository vim/vim prior to 9.0.0490.", "issued": "2022-09-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3235 https://bugzilla.redhat.com/show_bug.cgi?id=2129371 https://www.cve.org/CVERecord?id=CVE-2022-3235 https://nvd.nist.gov/vuln/detail/CVE-2022-3235 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3235.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xCUiEQAH1lfhrKtUxQDIYA==": { "id": "xCUiEQAH1lfhrKtUxQDIYA==", "updater": "rhel-vex", "name": "CVE-2021-39537", "description": "A heap overflow vulnerability has been identified in the ncurses package, particularly in the \"tic\". This flaw results from a lack of proper bounds checking during input processing. By exploiting this boundary error, an attacker can create a malicious file, deceive the victim into opening it using the affected software, and initiate an out-of-bounds write, potentially impacting system availability.", "issued": "2020-08-04T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2021-39537 https://bugzilla.redhat.com/show_bug.cgi?id=2006978 https://www.cve.org/CVERecord?id=CVE-2021-39537 https://nvd.nist.gov/vuln/detail/CVE-2021-39537 https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-39537.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "ncurses", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xLIujTim86EomaRofe4tDg==": { "id": "xLIujTim86EomaRofe4tDg==", "updater": "rhel-vex", "name": "CVE-2023-32611", "description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "issued": "2022-12-14T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-32611 https://bugzilla.redhat.com/show_bug.cgi?id=2211829 https://www.cve.org/CVERecord?id=CVE-2023-32611 https://nvd.nist.gov/vuln/detail/CVE-2023-32611 https://gitlab.gnome.org/GNOME/glib/-/issues/2797 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-32611.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "glib2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xY6tJdfHJN8cCUZ2bChEGA==": { "id": "xY6tJdfHJN8cCUZ2bChEGA==", "updater": "rhel-vex", "name": "CVE-2023-48233", "description": "A flaw was found in Vim, an open source command line text editor. If the count after the :s command is larger than what fits into a signed long variable, abort with e_value_too_large. The impact is low because user interaction is required and a crash may not happen in all situations.", "issued": "2023-11-16T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-48233 https://bugzilla.redhat.com/show_bug.cgi?id=2250270 https://www.cve.org/CVERecord?id=CVE-2023-48233 https://nvd.nist.gov/vuln/detail/CVE-2023-48233 http://www.openwall.com/lists/oss-security/2023/11/16/1 https://github.com/vim/vim/commit/ac63787734fda2e294e477af52b3bd601517fa78 https://github.com/vim/vim/security/advisories/GHSA-3xx4-hcq6-r2vj https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-48233.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xYjfT47p5BaLoMKfWyn2HQ==": { "id": "xYjfT47p5BaLoMKfWyn2HQ==", "updater": "rhel-vex", "name": "CVE-2026-24515", "description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "issued": "2026-01-23T07:46:36Z", "links": "https://access.redhat.com/security/cve/CVE-2026-24515 https://bugzilla.redhat.com/show_bug.cgi?id=2432312 https://www.cve.org/CVERecord?id=CVE-2026-24515 https://nvd.nist.gov/vuln/detail/CVE-2026-24515 https://github.com/libexpat/libexpat/pull/1131 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24515.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "expat", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "xmch3KVKWJNcxox8azJmYg==": { "id": "xmch3KVKWJNcxox8azJmYg==", "updater": "rhel-vex", "name": "CVE-2022-3037", "description": "A flaw was found in vim, where it is vulnerable to a use-after-free in the qf_buf_add_line() function. This flaw allows a specially crafted file to crash a program, use unexpected values, or execute code.", "issued": "2022-08-30T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-3037 https://bugzilla.redhat.com/show_bug.cgi?id=2122907 https://www.cve.org/CVERecord?id=CVE-2022-3037 https://nvd.nist.gov/vuln/detail/CVE-2022-3037 https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-3037.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "y/gOsNTweKmuBD/EDkCNjA==": { "id": "y/gOsNTweKmuBD/EDkCNjA==", "updater": "rhel-vex", "name": "CVE-2025-1153", "description": "A flaw was found in GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior.", "issued": "2025-02-10T19:00:13Z", "links": "https://access.redhat.com/security/cve/CVE-2025-1153 https://bugzilla.redhat.com/show_bug.cgi?id=2344743 https://www.cve.org/CVERecord?id=CVE-2025-1153 https://nvd.nist.gov/vuln/detail/CVE-2025-1153 https://sourceware.org/bugzilla/show_bug.cgi?id=32603 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150 https://vuldb.com/?ctiid.295057 https://vuldb.com/?id.295057 https://vuldb.com/?submit.489991 https://www.gnu.org/ https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-1153.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yePhQ2wYSrZV2+z+gEbpRg==": { "id": "yePhQ2wYSrZV2+z+gEbpRg==", "updater": "rhel-vex", "name": "CVE-2025-9714", "description": "A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.", "issued": "2025-09-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-9714 https://bugzilla.redhat.com/show_bug.cgi?id=2392605 https://www.cve.org/CVERecord?id=CVE-2025-9714 https://nvd.nist.gov/vuln/detail/CVE-2025-9714 https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21 https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9714.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "libxml2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "yuFlxOGqQlDuMCywIIELNw==": { "id": "yuFlxOGqQlDuMCywIIELNw==", "updater": "rhel-vex", "name": "CVE-2025-30258", "description": "A flaw was found in GnuPG. In affected versions, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, leading to a verification denial of service.", "issued": "2025-03-19T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-30258 https://bugzilla.redhat.com/show_bug.cgi?id=2353427 https://www.cve.org/CVERecord?id=CVE-2025-30258 https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-30258.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "gnupg2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "z+FsnGB0uKbB+9sxtoReSw==": { "id": "z+FsnGB0uKbB+9sxtoReSw==", "updater": "rhel-vex", "name": "CVE-2025-13837", "description": "A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations errors, swapping, out-of-memory conditions or even system freezes.", "issued": "2025-12-01T18:13:32Z", "links": "https://access.redhat.com/security/cve/CVE-2025-13837 https://bugzilla.redhat.com/show_bug.cgi?id=2418084 https://www.cve.org/CVERecord?id=CVE-2025-13837 https://nvd.nist.gov/vuln/detail/CVE-2025-13837 https://github.com/python/cpython/issues/119342 https://github.com/python/cpython/pull/119343 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13837.json", "severity": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "normalized_severity": "Medium", "package": { "id": "", "name": "python-idna", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "z0BRxIHjzG4ZtIbBx13LOw==": { "id": "z0BRxIHjzG4ZtIbBx13LOw==", "updater": "rhel-vex", "name": "CVE-2022-47010", "description": "A memory leak flaw was found in binutils in the pr_function_type function. This flaw allows an attacker to use a set of steps to trigger a memory leak and perform a denial of service, resulting in a loss of the system's availability.", "issued": "2022-06-18T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-47010 https://bugzilla.redhat.com/show_bug.cgi?id=2233988 https://www.cve.org/CVERecord?id=CVE-2022-47010 https://nvd.nist.gov/vuln/detail/CVE-2022-47010 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-47010.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "gdb", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zMNYUY09QO2aCVD23XG4dw==": { "id": "zMNYUY09QO2aCVD23XG4dw==", "updater": "rhel-vex", "name": "CVE-2025-8277", "description": "A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.", "issued": "2025-09-09T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2025-8277 https://bugzilla.redhat.com/show_bug.cgi?id=2383888 https://www.cve.org/CVERecord?id=CVE-2025-8277 https://nvd.nist.gov/vuln/detail/CVE-2025-8277 https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-8277.json", "severity": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "libssh", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zhFiK2cqYSKQuyxSR+s+sQ==": { "id": "zhFiK2cqYSKQuyxSR+s+sQ==", "updater": "rhel-vex", "name": "CVE-2022-2285", "description": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.", "issued": "2022-07-02T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2022-2285 https://bugzilla.redhat.com/show_bug.cgi?id=2103874 https://www.cve.org/CVERecord?id=CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 https://security.access.redhat.com/data/csaf/v2/vex/2022/cve-2022-2285.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "zqw44qfJYIQT11KUcodbJg==": { "id": "zqw44qfJYIQT11KUcodbJg==", "updater": "rhel-vex", "name": "CVE-2026-27135", "description": "A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service (DoS).", "issued": "2026-03-18T17:59:02Z", "links": "https://access.redhat.com/security/cve/CVE-2026-27135 https://bugzilla.redhat.com/show_bug.cgi?id=2448754 https://www.cve.org/CVERecord?id=CVE-2026-27135 https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27135.json", "severity": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "normalized_severity": "High", "package": { "id": "", "name": "nghttp2", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" }, "ztGH6UfHscT6diuCU15FsQ==": { "id": "ztGH6UfHscT6diuCU15FsQ==", "updater": "rhel-vex", "name": "CVE-2023-5535", "description": "A heap-based buffer overflow vulnerability was found in some affected packages of Vim. This flaw allows an attacker to send a specially crafted file that could lead to a complete system compromise when opened by a victim.", "issued": "2023-10-10T00:00:00Z", "links": "https://access.redhat.com/security/cve/CVE-2023-5535 https://bugzilla.redhat.com/show_bug.cgi?id=2244101 https://www.cve.org/CVERecord?id=CVE-2023-5535 https://nvd.nist.gov/vuln/detail/CVE-2023-5535 https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-5535.json", "severity": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "normalized_severity": "Low", "package": { "id": "", "name": "vim", "version": "", "kind": "source", "normalized_version": "", "cpe": "" }, "distribution": { "id": "", "did": "", "name": "", "version": "", "version_code_name": "", "version_id": "", "arch": "", "cpe": "", "pretty_name": "" }, "repository": { "name": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "key": "rhel-cpe-repository", "cpe": "cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*" }, "fixed_in_version": "" } }, "package_vulnerabilities": { "+hvIC0Et/RtHi7EAFCmfEw==": [ "O6eQrDqYe8zCvECWFMIzFQ==", "MRnBR1NwPejsF0F/Po53Ew==" ], "+qrxjVH7Im8eBfrz4h4P/w==": [ "Zp9+pixFuNBueE2yO610gQ==" ], "/7wUJedL2cOIe8/qxGJPRw==": [ "Iqou63Nn3CjFju1fFGg5Gw==", "lFkdER2UVItP2QL8wxaMgQ==", "qzacS0b7CmuysOF4NB9bew==", "fAdvMXEMEzhZECRlwcsBQw==", "/FdrObPxFunwRXcZAEO5Tw==", "nPacRRVDC7G1d2+ku8zXJQ==", "PeyY3NcZskFbdv80IsU0GA==", "oyxA82zmAaBe+3q0DsXvlg==", "RX9KYQqzC2oXPBjwPgDRKw==", "+VF5B9kk+xL3yRO7HdjhGw==", "UOAlOehogrqcbNaDKr0doQ==", "HvAQAThranK/gZBKAMXIlQ==", "vxcSjXFOqf60y7YqP4UCDA==", "V/VaeR+VQP9ghCWJlyIJiw==", "kHYhz+Ju6zcIuR1FCDCg4w==", "KNzZYG1QHglBEh6yFYGXlA==", "V2CgExfOPEvJaof825pkpg==", "3NmGx++6ijeveccqIYQboA==", "YMiTPWo8SG0+9AgJSFVFYQ==", "CmyRue/WkBX1Qz85wfQgsw==", "iZHLZ+g3o9R/vUGfKUsh6A==", "1gGu9bktrmHmqgKrd3EMkA==", "3CQJ3hzzdmd6QtmVFqakNg==", "AVN8GsOv8a1FshuHMOCEFQ==", "V6WiZIJiGpkWp76w/xMpMg==", "44HMdOXTmvlsYKs02fsoWg==", "b5Q5nzPs6XcIUCSUIh/M/Q==", "mI9JKeeVkntTLnpx+TF0Zw==", "l9THlKxyUvM7UOUHCvs1ow==", "tLOw8PAN9mzYZxWt6mD1ow==", "+KpTJUEQJKwTpx7pAkIuPQ==", "YQrL91DJL9zY732ctog9Ng==", "j3ZqykJHcZEFQ6dcMT9aVw==", "ezoawVDPz3HO9IXGPtjgpA==", "RTeFy2wjnmJGIbne+RTWzg==", "xmch3KVKWJNcxox8azJmYg==", "UOrqZdPsDAE7TMBGzRjRYw==", "lfVbpkMq8YOg/b4JSebHaw==", "VxFvUIFW/ggjbRiLIr95eA==", "L/NPj/F6GL+hQBcinpdSCw==", "fif9qI07GkSMgPXlinbuQA==", "V0dW0FHIKMPfoxwf/zxegA==", "hZdERz1EWLQGkk6fSyBCpA==", "9eDj3xAYS0YvRWNm2Itp6g==", "WrpEmXG3UQVXDtuJyW9Xqw==", "pHGzp9VrblcbScC5+Smlsw==", "XPOG4An8TvwJ6LYP+35lBg==", "elSFHo+R9v0XUiVY7GGVmw==", "TIUHqaUKKu0zuzq4PMzGjQ==", "itYEG55IaGIvoAtHTB2zJg==", "QA/RR9QV3AWWQrJtEcrL9g==", "bF9V8Q+jW+PBeQBCR7S6iA==", "qLKE5FPE1uFy2EI3DXoXng==", "6uWKAOOhnCzOP66XzRNHpQ==", "0Lbh90QY/bvfRRYGD8DIKA==", "U1be97VjLR6yfSi22DmTAQ==", "zhFiK2cqYSKQuyxSR+s+sQ==", "ztGH6UfHscT6diuCU15FsQ==", "jTwm60AD+XTA3yIHi3iqEQ==", "vODDkh0Xio9BdIUC//k+Tg==", "XSE0A5He8iDNjDGX19fZ+Q==", "SlXya5x7Y15uc1rOkyoBzw==", "pmCB2EtMSe61wNVwqFFrnA==", "51AFG0DZsinnAeQMziiY/g==", "/y0IFFUo3qK45BLP6MlrAw==", "arAeA+ef8B8ruucb/xLoSw==", "7ofrmUWHF/JaWIAozzwOXg==", "fo9ZV8ogW4pH1m9Ok9+sfA==", "8NzOQ06ZOWB4dGF1caLaqw==", "7Kh5ggV/z2iWKQY4y4UFqA==", "QFNrGxfixF7srX8h0Bv09A==", "0fyRWwwgh1nEGEYJnFa1YQ==", "xC6goBMNaiJLse0Qcl+aEQ==", "DPVx3CfY6Y1/Hy5jae1w0Q==", "dG2ixdfwYydJuQ4jnTFFmQ==", "IeBTzkrNIMGYDHelqBwwcw==", "/qUHokmxOLHqD3aLG8T5Qg==", "+xBrs/DTyBbtVj1W1dAcrw==", "wzO6X60AD1qA1z8OFms8gw==", "OImuQ4u5D1zXYGJgGxZUqA==", "xY6tJdfHJN8cCUZ2bChEGA==", "a07qb78c11TyWWWHsH4psQ==", "CvjRL5Vt6iKO3rAxTsWlRA==", "EsiiaRDqHnT4qMA0SyLf7g==", "e6RLffn4P5I017uugB6Njg==", "c3QkP/yJeF7ab7E44UCX+g==", "HGLU1ajDNBbTQE08Dx2bTA==", "tcbkGRTZhVmCmR0Fj2T46A==", "n15W0TwZ9VZhVkvCzUirNQ==", "3XGT/WUu2ksTinzHtRqtAQ==", "XBPbp8y7tQfOXxugP7H2xg==", "Z8ui/8R+NfFb7zLfc+Vxgw==", "FcCCWzjx2/VQlGmMszSY2A==", "ceTKXu0VXNJravgPXNfQWg==" ], "1+yTM1fAMLq+dz3TFkyS0A==": [ "zqw44qfJYIQT11KUcodbJg==" ], "2Z+8iz8G1tgy6T+X63lxog==": [ "1xumzhZiYuIb5kWEpv/z2Q==" ], "4flTdmUV4iK1Ax+LXJm8qQ==": [ "fvGjL9hw9hDQockMTb7lrA==" ], "7eg89eCgA75bJ7WhhN/T4Q==": [ "eqoqeJN8gMUINJLH2PXP7g==" ], "9uhqFNTCJ7/bpzSlc7qCaQ==": [ "t4oe6DBPNf5Ikk93RfTdig==", "fXpWtuXNPi3tb2edhk37bw==" ], "AIs6pmCup5N9+6Ag6e2/og==": [ "rVgBV65FWtFg3jitEqotFA==", "OpUahpCA4oBceG962KxTMA==", "tlWVK61iOpKPkvmeShS9AQ==", "OLKvdPVgT9/lPcflJTxE3Q==", "6FQUI3OxX4C5skWXKgq80Q==", "VLzwKVDYC7fQrtcpCzjXjA==", "Fp999hDC/lucBsNHwOlp/A==", "QcOTYeOedG0AUhPSakMpIA==", "WcChSpNAL6V9Xfxc9AqW7g==", "97PwDrD8knMveLXwKCvQjA==", "8D3i4K1ylUr5dGk9imV9zA==", "PcNbuWOo0ahqjfbOQhXvvQ==", "+59hq9HnSU0DESYniRPk/A==", "ZkEez7f24VNVhTaTCDhuEg==", "86unVXyTxdffdcXWZTYw5g==", "UPzTyNn8ZLXlb+bwRFPPTA==", "rCI1GSL47zJlliQotxXM4Q==", "QUtTYJuHdkAOgtveagWUfA==", "gagftKXuSuh9pi4dRu9yPQ==" ], "AJqIL483xCdRd0LDpKujFw==": [ "tKFk/n8cqeI/DEWGhNRBKg==" ], "AuC6XQzcU/5tB4luIfjLFg==": [ "HTk+AAyRWNCrZTtBLx34Aw==" ], "AziZ1oGI+oDXVPzldKNj+w==": [ "3O4IzHXnRQMZXCe1gYATvw==" ], "BPsD0kkdIoK3KQUZ5DpJjw==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "CSkO43yn0N0oFVClXWpT+Q==": [ "HTk+AAyRWNCrZTtBLx34Aw==" ], "DV119Dw0W4RdsbJkdoHU9w==": [ "TuBnhFrkwMqIcYtYYgNGNQ==", "Znm2hdK/FULQhTTGTVX59Q==", "wbBiCPikq6Iz02EPsysTgA==", "rfyVleP0iFAaKAccoWyLNQ==", "qXNASosSuCsudML1MqXPjw==", "v1exQXePimNPt3tveLBP9g==", "fayrPya6DVXP9weWvA6obQ==", "pjb5LKdJAfqIzj4N6YBwUQ==" ], "DgyhtZBcSIlVmY6xC8s1mA==": [ "j1KIfSLRyAo+5FqbDzJbtg==" ], "EiNiLT8ulizCzEWcybhizQ==": [ "8eAn4NQQeDd2Rw8yk+dKxQ==" ], "J34PJ2GThOWZuKVgFIoieA==": [ "uEggs7thHCRp4eZu5EDH0A==" ], "J71ZeZ+7Xn9GFRPBxHj29A==": [ "1xumzhZiYuIb5kWEpv/z2Q==" ], "LkoLKEri5dIAb0vFMkSOag==": [ "cqYWiTibDLM7aibErMKang==", "6Cqvzp5JbuVfHsuYnIJNFw==" ], "N1RbIRo2SyHosQefv+skDw==": [ "UbmdE2pHXRFccv8l1e02Jw==" ], "N3ZaMrNJKoumMpaY0smlMQ==": [ "8ZxbhBIT+9Mj99/XbMpLSQ==", "tnBbKyfWYMq7GMqd8UCfIw==", "uxd8tIEkk+r2hWTEgvyv8w==", "9zRC9UwUH2bQs1UcHQ5UTQ==", "5B1tQ2BK8z/YjRkYcvwqag==" ], "NguWV8S6YQYvQsGQDJm2Rg==": [ "673FKazcUiydbfN5c6amaw==", "S7qx7a03HASsJhyQafvXjg==", "VsocCwaFpF6PzdX5PxR+sQ==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "HuOxI+pWjgGV0XsBvltzlg==", "jw1ZiDut5Ot+DyVFjCrixg==", "xCUiEQAH1lfhrKtUxQDIYA==" ], "ORsDK2A5479NPB0r01PoXQ==": [ "TuBnhFrkwMqIcYtYYgNGNQ==", "Znm2hdK/FULQhTTGTVX59Q==", "wbBiCPikq6Iz02EPsysTgA==", "rfyVleP0iFAaKAccoWyLNQ==", "qXNASosSuCsudML1MqXPjw==", "v1exQXePimNPt3tveLBP9g==", "fayrPya6DVXP9weWvA6obQ==", "pjb5LKdJAfqIzj4N6YBwUQ==" ], "QC6e3OaV78mjs678tGU2KQ==": [ "T8K0wLud5USYruAj/m0TEQ==", "+lfnnYuPvMH1ORZwIFi4Rw==", "CcA4hbnNxCLZFO+JaXimTA==", "Q97JvkIPdBB9Bs7AhtfZcw==", "RHl01lzywe1fy6zlGFllvA==", "XbpXfbeApuDuIKvY0/qWiA==", "eohUFw28jV3sGLZE2CBPXA==", "ruDQdx7OmIsgMCpioWbqOQ==", "npQpPXYG8xMJ1LRSVSnKGA==", "zMNYUY09QO2aCVD23XG4dw==" ], "S0BPcGMogA9sLLDMZAt2lw==": [ "1xumzhZiYuIb5kWEpv/z2Q==" ], "S1zou3bxOOiyOoUMO/eJQQ==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "TXR7KJtZBKtyqyx2xMKwaw==": [ "h+JQERWc6sTv0UlbUL2zUw==", "/LWI0YXkUZMlVPxSYP3hGg==", "oTcCYgyQzzwP5CSMcm0fgw==", "vkkAe7ll5XpaHgUf9R8vHw==", "i+eVvPBLSkybYsX5Z1vMLg==", "PzCq95UXnHxg/MGN+3UsFg==", "iAxBL6sAuYYG5ESjHYw+4g==", "z+FsnGB0uKbB+9sxtoReSw==", "UfDqdDXC4UjrcGdw3H8XUw==", "W/luN+8ATXgpDXBwGSF/pg==", "Zx0z+bRcZxzR1A+jusBsAA==", "iJziBNBVqQTVHt6lbLLDSg==", "wFLrNWluooIS2aG6G8OZbg==", "M2K8uKmhLKONQLUJ7T8K4A==", "5AbLv21i0RwmCpiIbrPVrQ==", "KI3wu46QST5Yt6mx2sKmLg==", "1czwTF6go1aSr24FSoii2A==", "ehSWTDUoG+BH+LHLsiC70g==" ], "U3ZkYu9FoEzQITrVBlQtLA==": [ "cqYWiTibDLM7aibErMKang==", "6Cqvzp5JbuVfHsuYnIJNFw==" ], "UUZyda9G/ffvF6rJ5W1UnQ==": [ "sRVcQFAdq4Ll42smqacaCw==", "ieASPdYzGxWke8nZZhE02Q==", "Lr7APYpoHx1Gcopp0lkBGQ==" ], "VJuF8wQUU1SUCj2y3YozIA==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "VM/912pnziMGSviQmT3pUg==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ], "Vax934M9zGbzjdT3Y/XU9w==": [ "cqYWiTibDLM7aibErMKang==", "6Cqvzp5JbuVfHsuYnIJNFw==" ], "Wq1n4jzKBPdL9z5l5HD99w==": [ "EQ4eP3gKo3y8JsWUiWr6+g==", "O8fIVXqcGshIonMWsEH9gA==", "YiJlkUTKf0/7+ORZMmQ2cw==", "OPNDKUsVLJt2v1gO1zvkBA==", "LUv9IT9UKLOPh/lo0L/z2A==", "AE8Cp1u8I9t52OYW7oGU4w==", "8Sec+JvKiQWGqYCOBdZhjg==", "4/mftydHpy90Umw3G0mTuQ==", "HNpGGr9eP5twQKC3yCh1mA==", "XygysGe2kdlyCRQHM1fu3w==", "wxS+u/uf8o4sT9iSccXQwA==", "DDWmqlxBSfXi2KJJ5mwTNg==", "7BqZ85Y0HqXnSt1eckMoLw==" ], "YjDcGmvP0/z8VqRiUvkhOQ==": [ "yuFlxOGqQlDuMCywIIELNw==", "sThg2GGoKqa1RTJ5skEJTA==", "0nQ3GJDLY22M176Z5ESg6A==", "W/d4trZ7jb2yxjrq4cNOWA==" ], "auI8KtI6OozP7EAIr9UlQQ==": [ "icj6a8bc4dYK/DJNvkU0+A==" ], "b3IQYKOhbHF7Yu0UNJdQZA==": [ "H2CablNBrQ/I5AsUjk5xyw==", "t3XJyztcU9aOXTMLI8NRmA==", "a067YUjLHWzR99JNl/RtGQ==", "1lUHOMB3ANHGWpqCBv9Ynw==", "BooDzA4nzaDI1l3E5zAHgg==" ], "d6uHzFpzOxlRgzhjC7LVhw==": [ "1xumzhZiYuIb5kWEpv/z2Q==" ], "dHcEYdxiRvfyl/7qt7q4gA==": [ "RRG09C5MDFvOwPKAQ4ueAQ==" ], "f/Al/eNlUhjEgKSV0J2z7w==": [ "gaFOKxy9D9KR/Iyd+kDZoA==", "QSNBg/XspHcBwSxBTMU4rg==", "HuLJLN6ajygY/CpLyzV5lw==", "8I2jFG8JRR+6+eqqYlXhAg==" ], "hOkTqAx8HYiWm8D3WyWplQ==": [ "IKGCixrMtEsf6YEORF/lZQ==", "oK9oPvrpHd64fnZC33FqWQ==", "g2An50OQKC789kuHGVj0QQ==", "TBSsZAwwnPH/fFHOEaS+9A==", "Q0R0snWmmMqzIGenxa3xgA==", "Xef33helMNY0m81xUaoICA==", "X7m1cNxZLfIu0QhEhZjOnw==", "Qsq6pjHJA+B7ogwJGi6kYg==", "mzSj3AoO3VuIyyY8gHHX/g==", "NSfENcXaS5J2JOnnjb5pHQ==", "Tv6N0BCims5fmH43fbNOmg==", "okc7CXh1NpRPB/Al5CqVEQ==", "tZ+vYPiNA0aFBAjNAg2BBA==", "fDX8Rmzn/DJugoRo6x4meQ==", "UgwdZtkosQeghW09BsfJjA==", "5kVYfr7KmavVo0SEj/y25A==", "w6xdceA2aT6wh+ad3AaSOA==", "Uixi3NpD7bsj8347JEnfwg==", "HKC5OmG9MqL8R48yLMM6fA==" ], "hSTTMcRX1DBcXc+8jKeg3Q==": [ "sRVcQFAdq4Ll42smqacaCw==", "ieASPdYzGxWke8nZZhE02Q==", "Lr7APYpoHx1Gcopp0lkBGQ==" ], "jhG97BZK7587/TvtqUPTgw==": [ "jgVhVeO9/YbK6QImKhbvLQ==", "r9BDsmDLqKI78VyZcCu5BQ==", "DW/4SK9Xjx4oTESW12y3sw==", "hwqsvhHibzRJMdcO0Y7E0g==", "F3w1LQu9kIztJMqZd4X5wA==", "03rxP00Njciq6m1NhQ60nw==", "BDHNuXowfbvClBvOFyafuw==", "g2DaM6gaWaxAPXuqyAlaNQ==", "pzg14a+qOI6g7i9Au06u2g==", "T26f6qNU6mdwz9bi2U/ZDw==", "7LR3Wvveuky1RC7umH2lpA==", "qQlDfDcxbClFscvUpgpkzw==", "l9DAmrINa0dPyz6ozpbqKQ==", "BaCEAnApXB2nG8bNgZYh8A==", "RpD+LASWgToMtGHvWZS8Fw==", "ob+uYMwmWV+c5hgfuQcS4g==", "NDM7PAlxc6PY84xuHZUHaw==" ], "k/BpvWmZ5EVfmiPqpZ3pGw==": [ "Lt2Hg7sVYgz0GD7ldFmjjA==", "tYeLT/YUKIk7yaK07WvPeA==", "RYqFgDYIttLgJc8B82sK/w==", "qC/lM94bJkHuTCcx6Z47mQ==", "xYjfT47p5BaLoMKfWyn2HQ==" ], "k4gCNgIfg7MM/e42ThRx2w==": [ "n83jaRl/T6kiaoMyWtX8xw==", "AZQ9MHTiNLYiRU7sYZlVGw==" ], "kwc9NYOQig+qWs5qmBRL/w==": [ "673FKazcUiydbfN5c6amaw==", "S7qx7a03HASsJhyQafvXjg==", "VsocCwaFpF6PzdX5PxR+sQ==", "ZTGiJlkqcqrCLJSY/Sq8lA==", "SHxE0qXbBmDEp/LL1ieJeA==", "rEg00U8+//igCt+0+QBUhA==", "HuOxI+pWjgGV0XsBvltzlg==", "jw1ZiDut5Ot+DyVFjCrixg==", "xCUiEQAH1lfhrKtUxQDIYA==" ], "mtrWxjnWyzrIFOuHVeUG6g==": [ "9uK7ZDYgFtqP786n0QunAg==", "8rxYDEPu2XxazQ3cBUhX0Q==", "UMD4nV1Ky5C5eKUMgtnKzw==", "XBiy/XVR6SoThCkYUmkD1g==", "UoEFDYM+Gqf2mdRJh5HUFw==", "W/DMqBRMDYVkVH3D67luGg==" ], "oSDtB9GflLljTYeOAikyIQ==": [ "0fCtWwB6iclgRvIA+IqiJQ==", "OWS4rb8siWCzvYT9F1I76A==", "p2qAiuM4AsdQ5J4fBWvbBA==", "EiL50P2QSOoRA18XAAH6Pg==", "ngbKDtxhn33NKWC2lhOQNQ==", "jguV9kU5iHC5V/cF3+b/tg==", "npBrFSWnZYxq9cizdfDfCQ==", "EKs36DFwHVCzU/cF0Be9pQ==", "ElIjMFAz33tt/XVMysRkdA==", "Oi3Y6I7JDcoQrQyH+jMXWw==", "KaROgE0QmtiOixMG9Wi1RA==", "xLIujTim86EomaRofe4tDg==" ], "oW0mvXn9ytTAYEd7IyuyDg==": [ "SRWVKBpKSVVu6JElqG0j6Q==", "edEnut7DPh4a05O2pRFGjQ==", "Cggnnfz5Wzg9ATdQxbGmzA==", "SCyWi9GWaGqLJ1zck/DqFg==", "y/gOsNTweKmuBD/EDkCNjA==", "RX1HGLUK7YuvgmHUK1EmJA==", "2YRc0WjeEyZBoYiaOnJbeg==", "2xtDbYqjkcEeQ4nILuPI0w==", "Sh5iugkp1bJb68yP8NCHYw==", "JPMWR4OeAHyWFf3Dg2jJaA==", "1y7lpBoDolQF4MOVVHZy0Q==", "7aapmz15/k/YqkvmoJ7SCQ==", "sWRmdgywcsHIoX3oPAJtAg==", "l5AEESyfpNpnPm34u+0bTg==", "pNvSycGn7gLye4CiTp9Jfg==", "vZk6bNDV+PPvFMQ3TWO9Yw==", "rT/p3P1cyaL5OCy5Hg0CnA==", "JkfL4zTu19bPyxWl/9w1/g==", "lZiFMI351XcLDHAbozFiVA==", "x5WWACM5RnrcZWvM+VyVxQ==", "2HeAQXhPVJdqlzjgrvqpHA==", "sTuin1fHrs1c1UVtMJopog==", "JOmMpFFsgsXa+1a+3dXgUw==", "XP670IqcB/aFplD9WLyt7w==", "8ZyKfU1iRX/ALcBXZw5gzg==", "RHeiKN7ijeFN3v3rvcCNeg==", "AhAaKQm9f+CHHYES49vDJA==", "rGA6qmM/6m0TL55H2C5Ipw==", "sBYvcFP4mXzEXdJ/rjm0Gg==", "lTxqrYXeYbLpr+nsN3WwrQ==", "z0BRxIHjzG4ZtIbBx13LOw==", "O3w5rL20hshUUEC8mHo7ww==", "L+OsSQwlzLxq3WjvQ9tY6g==", "DCJWTSOK+NcIJh77NAV0Tg==", "gOoanwheVEMPIj3ay9q0Rw==" ], "peUaHHW4E9Y6Nd8+gJR5cQ==": [ "T8K0wLud5USYruAj/m0TEQ==", "+lfnnYuPvMH1ORZwIFi4Rw==", "CcA4hbnNxCLZFO+JaXimTA==", "Q97JvkIPdBB9Bs7AhtfZcw==", "RHl01lzywe1fy6zlGFllvA==", "XbpXfbeApuDuIKvY0/qWiA==", "eohUFw28jV3sGLZE2CBPXA==", "ruDQdx7OmIsgMCpioWbqOQ==", "npQpPXYG8xMJ1LRSVSnKGA==", "zMNYUY09QO2aCVD23XG4dw==" ], "ps1lqMDaJbud3dqz5x5CfA==": [ "HTk+AAyRWNCrZTtBLx34Aw==" ], "qvQuZ5JqRsZ6gzHsz1Le5A==": [ "H2CablNBrQ/I5AsUjk5xyw==", "t3XJyztcU9aOXTMLI8NRmA==", "a067YUjLHWzR99JNl/RtGQ==", "1lUHOMB3ANHGWpqCBv9Ynw==", "BooDzA4nzaDI1l3E5zAHgg==" ], "rwDlHVUTrp+LF00MbLn0mA==": [ "hKXUjhCdirXJFb4AYrM/cA==", "0WWCTKTWgZAx5gQFX5xocQ==", "iIJ3iFT8vGB4mCBd76OYIQ==", "rqf46kw9jZLI5z1fh/xT8g==", "UHPuLzqXgEeZNwKL4JNwbA==", "lRaCpcZFF+BKGc3aURxKOQ==", "UEG6aNWvy75Yh0kBuIwVEQ==", "ASsR3uc++wGMpVPI6Ty/CQ==", "gweJFzg3Re8BHu4K4SVk7Q==", "bHe+8ia3YyV1Th/BtOcchg==", "6srDgOZ+YIS0FRZgw8H3dQ==", "2I1s1wzUEtlMdLaYOJnDdQ==", "vKF+PqGSwcXxm6TEvKrmHQ==", "gvJyRhPprr0T5NUOZbL8vw==", "I5AcHDwdqjNXYrX5U6Xd+Q==", "akH2im5I6UO0h5CQuDQHFA==", "ewwoJlh1bCncbMqa2UMArQ==" ], "rzLpEiogBq9549TzY8PP6w==": [ "2U8ppg+02PjFDuM5YqFstQ==", "8rvqTFlh9aOz4UvxQN0SBQ==", "8qOJVWAut1+UqTXPOWH12g==", "h6rS2s3xilGaG0a+pIjl8A==", "cCowLuOsLfTMmPFOoqUVww==", "L3k0cIIlkMGQFiWnZm8Mlg==", "HB9r/GLycEmk6aXttwtBlw==", "nYtstWEUOCTbjAlmYOKURA==", "IItHEdPWz5fl9O7ZhzjDAA==", "0QzoXQSqkKieJ7Oc+px0JA==", "HKrLnQyTw1292mNt3MQ0aQ==", "mRazAXjBcgFrTolNDZHDsA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "X76rv8qz0AOeJGI5l/lqrQ==", "OFdQC3/0S5rItoyqpACTFw==", "RVCidRUm4D1IKoPhoUi2AA==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "sGwL9v57mGx7f18qBkIacA==" ], "sEWAakrAuXFBdkDn2+trFA==": [ "2U8ppg+02PjFDuM5YqFstQ==", "8rvqTFlh9aOz4UvxQN0SBQ==", "8qOJVWAut1+UqTXPOWH12g==", "h6rS2s3xilGaG0a+pIjl8A==", "cCowLuOsLfTMmPFOoqUVww==", "L3k0cIIlkMGQFiWnZm8Mlg==", "HB9r/GLycEmk6aXttwtBlw==", "nYtstWEUOCTbjAlmYOKURA==", "IItHEdPWz5fl9O7ZhzjDAA==", "0QzoXQSqkKieJ7Oc+px0JA==", "HKrLnQyTw1292mNt3MQ0aQ==", "mRazAXjBcgFrTolNDZHDsA==", "5ZHvcDYhgzWjwNpRgF2u1w==", "X76rv8qz0AOeJGI5l/lqrQ==", "OFdQC3/0S5rItoyqpACTFw==", "RVCidRUm4D1IKoPhoUi2AA==", "ZlxfTVb/4bi6yWQ+JLaOnw==", "sGwL9v57mGx7f18qBkIacA==" ], "w9oQLpJ33Ay0NolWWBXWNg==": [ "1xumzhZiYuIb5kWEpv/z2Q==" ], "y1KXv1Wa0o6q+5/jJ4FmmA==": [ "7s5ZfLjeeO29XXGVHOgzCw==", "G7IyfoPhe9f8QzIGbOfn7Q==", "s7NL2WGVLmkaKjdGB9zKcw==", "92KuvWwbPhsQNPu0knrHAQ==", "yePhQ2wYSrZV2+z+gEbpRg==", "gmqGkQm3k8TsG16sKIYfSA==", "7Puka2o1jq4jSr2Hekrfhg==", "EiJx6rOT8KoLX+Wu7/N6HQ==", "TLOrmSYL76Du+GI4WD9gMQ==" ], "yX08xXm2MSxk7s6Ui2Z6BQ==": [ "H2CablNBrQ/I5AsUjk5xyw==", "t3XJyztcU9aOXTMLI8NRmA==", "a067YUjLHWzR99JNl/RtGQ==", "1lUHOMB3ANHGWpqCBv9Ynw==", "BooDzA4nzaDI1l3E5zAHgg==" ], "ydZ9Nt38kjIKKqCmYtaufg==": [ "QjeO2zYbebGNLlXq8Nnt1A==", "ffh1gI30nIybKK6dKOCoRQ==", "6No5yfLpdjKQAqBbObX62w==", "RaV+zUwgwOTaTguKt0FeTA==", "0SKU6CiKSF47hfRbDYMu5w==", "LOJuHEJYOJa8Zdw16qUEbQ==", "uAci/4Fs/JlJzVgJzxphrQ==", "MEg0AwIv/OJJHh+ITUIgUA==", "egxL7gQ8gjdaORJVFgFReg==", "0Q3x7RbstwOfH9ELTB6XXg==", "jfp+c+PKanOnw+Lw57qE5g==", "u/X06CuToB1iN5N9GbzWVw==", "rsUrSOvGFqydtwDl/XfHQw==", "VW1GAyIwhh7S5uYWVWHndg==", "3iyn4/i+eXclk6mSljsR3A==", "lXiQSfkAH0A3O7OqeMnGEQ==", "+ycsm1BnUPWoLs1UF1UcEg==" ], "zSt5QJXLkBthUtuJMs0KRA==": [ "ZvX4VR3jvMBd1Wq+RxNTgg==" ] }, "enrichments": {} }