Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-69534 (GCVE-0-2025-69534)
Vulnerability from cvelistv5 – Published: 2026-03-05 00:00 – Updated: 2026-03-12 16:18
VLAI
EPSS
Summary
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-06T21:07:42.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/03/06/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-69534",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T16:17:53.202491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T16:18:40.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T14:54:49.592Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
},
{
"url": "https://github.com/Python-Markdown/markdown"
},
{
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-69534",
"datePublished": "2026-03-05T00:00:00.000Z",
"dateReserved": "2026-01-09T00:00:00.000Z",
"dateUpdated": "2026-03-12T16:18:40.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-69534",
"date": "2026-06-15",
"epss": "0.00465",
"percentile": "0.36497"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-69534\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2026-03-05T15:16:11.243\",\"lastModified\":\"2026-03-13T01:25:22.277\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.\"},{\"lang\":\"es\",\"value\":\"Python-Markdown versi\u00f3n 3.8 contiene una vulnerabilidad donde secuencias malformadas similares a HTML pueden hacer que html.parser.HTMLParser genere un AssertionError no manejado durante el an\u00e1lisis de Markdown. Debido a que Python-Markdown no captura esta excepci\u00f3n, cualquier aplicaci\u00f3n que procese Markdown controlado por el atacante puede fallar. Esto permite una denegaci\u00f3n de servicio remota y no autenticada en aplicaciones web, sistemas de documentaci\u00f3n, pipelines de CI/CD y cualquier servicio que renderice Markdown no confiable. El problema fue reconocido por el proveedor y corregido en la versi\u00f3n 3.8.1. Este problema causa una denegaci\u00f3n de servicio remota en cualquier aplicaci\u00f3n que analice Markdown no confiable, y puede llevar a la revelaci\u00f3n de informaci\u00f3n a trav\u00e9s de excepciones no capturadas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python-markdown:markdown:3.8:*:*:*:*:python:*:*\",\"matchCriteriaId\":\"2F64C314-46AB-44B9-87F4-69C31A94FC8E\"}]}]}],\"references\":[{\"url\":\"https://github.com/Python-Markdown/markdown\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/Python-Markdown/markdown/actions/runs/15736122892\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/Python-Markdown/markdown/issues/1534\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/03/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/03/06/4\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-03-06T21:07:42.074Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-69534\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-12T16:17:53.202491Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-12T16:18:33.576Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/Python-Markdown/markdown/issues/1534\"}, {\"url\": \"https://github.com/Python-Markdown/markdown\"}, {\"url\": \"https://github.com/Python-Markdown/markdown/actions/runs/15736122892\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-03-05T14:54:49.592Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-69534\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-12T16:18:40.395Z\", \"dateReserved\": \"2026-01-09T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2026-03-05T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:13826
Vulnerability from csaf_redhat - Published: 2026-05-05 16:10 - Updated: 2026-06-16 03:06Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.9.4 release.
Severity
Critical
Notes
Topic: Red Hat Developer Hub 1.9.4 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
7.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Threats
Impact
Important
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Threats
Impact
Important
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Threats
Impact
Critical
A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.
8.6 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Threats
Impact
Important
A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 | — |
Threats
Impact
Important
References
202 references
Acknowledgments
Thibault Guittet
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.9.4 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13826",
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69534",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1525",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27601",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29186",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3118",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39983",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2981",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2981"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2970",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2970"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2967",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2967"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2935",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2935"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2922",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2922"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2920",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2920"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.9.4 release.",
"tracking": {
"current_release_date": "2026-06-16T03:06:20+00:00",
"generator": {
"date": "2026-06-16T03:06:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:13826",
"initial_release_date": "2026-05-05T16:10:46+00:00",
"revision_history": [
{
"date": "2026-05-05T16:10:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T15:39:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T03:06:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.9",
"product": {
"name": "Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777903262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777902709"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3A47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1777909942"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"acknowledgments": [
{
"names": [
"Thibault Guittet"
]
}
],
"cve": "CVE-2026-3118",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-24T12:08:42.955000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442273"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact vulnerability in the Orchestrator Plugin of Red Hat Developer Hub (Backstage) allows an authenticated attacker to cause a platform-wide Denial of Service. By injecting specially crafted input into GraphQL API requests, an attacker can disrupt backend query processing, leading to the application crashing and restarting. This issue temporarily prevents legitimate users from accessing the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "RHBZ#2442273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3118",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118"
}
],
"release_date": "2026-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-27601",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-03T23:01:58.011378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "RHBZ#2444247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
"url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
"url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
"url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
}
],
"release_date": "2026-03-03T22:38:38.955000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-29186",
"cwe": {
"id": "CWE-791",
"name": "Incomplete Filtering of Special Elements"
},
"discovery_date": "2026-03-07T16:01:40.949207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs commit access to a repository that Backstage is configured to track and build in order to introduce a malicious mkdocs.yml file into the TechDocs build pipeline. Additionally, an attacker can execute arbitrary Python code but the payload is confined by the permissions granted to the TechDocs build process which is typically a restricted service account, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "RHBZ#2445480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
}
],
"release_date": "2026-03-07T15:03:51.422000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "To mitigate this issue, enable docker isolation by updating the Backstage configuration to use \u0027runIn: docker\u0027 instead of \u0027runIn: local\u0027, confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-33228",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-21T00:01:43.424803+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "RHBZ#2449872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
"url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
"url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
}
],
"release_date": "2026-03-20T23:06:48.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
},
{
"cve": "CVE-2026-33891",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-27T21:01:34.410210+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "RHBZ#2452450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
}
],
"release_date": "2026-03-27T20:43:37.725000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-33895",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:18.484291+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452457"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "RHBZ#2452457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
"url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
"url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
}
],
"release_date": "2026-03-27T20:47:54.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
},
{
"cve": "CVE-2026-33896",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-27T21:02:22.762233+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "RHBZ#2452458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
"url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
}
],
"release_date": "2026-03-27T20:50:03.418000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
},
{
"cve": "CVE-2026-39983",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-04-09T18:02:16.209487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "RHBZ#2456971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b",
"url": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1",
"url": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q",
"url": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q"
}
],
"release_date": "2026-04-09T17:05:46.228000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
},
{
"cve": "CVE-2026-40895",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-04-21T21:02:33.280553+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460297"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "RHBZ#2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
}
],
"release_date": "2026-04-21T19:59:59.759000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T16:10:46+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:80453720616cee369e9f79863ef1815a2741afdeb25d3572085d11ad54afa9a0_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:47c3fc5bfb21e980f0fa6c510c48c97982649c7f27d9d486a19391c56c9531ff_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:7118207df52574eb4eb9a6b35aa23eef8029937c2ace807b5e132bcc5188a972_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
}
]
}
RHSA-2026:14835
Vulnerability from csaf_redhat - Published: 2026-05-07 17:09 - Updated: 2026-06-15 20:46Summary
Red Hat Security Advisory: Satellite 6.18.5 Async Update
Severity
Important
Notes
Topic: A new release is now available for Red Hat Satellite 6.18 for RHEL 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* python3.12-django: Django: SQL Injection via crafted column aliases
(CVE-2026-1287)
* python3.12-django: Django: SQL Injection via RasterField band index
parameter (CVE-2026-1207)
* python3.12-django: Django: SQL injection via crafted column aliases in
QuerySet.order_by() (CVE-2026-1312)
* python3.12-django: Django: Denial of Service via crafted HTML inputs
(CVE-2026-1285)
* python3.12-django: Django: Denial of Service via crafted request with
duplicate headers (CVE-2025-14550)
* python3.12-markdown: markdown: Denial of Service via malformed
HTML-like sequences (CVE-2025-69534)
* python3.12-pyOpenSSL: pyOpenSSL: DTLS cookie callback buffer overflow
(CVE-2026-27459)
* rubygem-activesupport: Active Support: Denial of Service via large
scientific notation strings (CVE-2026-33176)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Django. A remote attacker can exploit this vulnerability by sending a crafted request containing multiple duplicate headers to the ASGIRequest component. This can lead to a potential Denial of Service (DoS), making the affected system unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on `RasterField` (only implemented on PostGIS). This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of service.
8.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the `django.utils.text.Truncator.chars()` and `Truncator.words()` methods (when `html=True`), or through the `truncatechars_html` and `truncatewords_html` template filters. This can lead to a denial-of-service (DoS) condition, making the application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Django. This vulnerability allows a remote attacker to perform SQL injection by using specially crafted control characters within column aliases. When these crafted aliases are passed through dictionary expansion to `QuerySet` methods like `annotate()` or `values()`, it can lead to the execution of arbitrary SQL commands. This could result in unauthorized access to sensitive data or modification of information within the database.
8.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Django. A remote attacker could exploit a SQL injection vulnerability in the `.QuerySet.order_by()` method. This occurs when column aliases containing periods are used, and the same alias is also present in `FilteredRelation` via a specially crafted dictionary. Successful exploitation could lead to unauthorized information disclosure or arbitrary code execution within the database.
8.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., "1e10000") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
122 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
References
73 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new release is now available for Red Hat Satellite 6.18 for RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* python3.12-django: Django: SQL Injection via crafted column aliases\n(CVE-2026-1287)\n* python3.12-django: Django: SQL Injection via RasterField band index\nparameter (CVE-2026-1207)\n* python3.12-django: Django: SQL injection via crafted column aliases in\nQuerySet.order_by() (CVE-2026-1312)\n* python3.12-django: Django: Denial of Service via crafted HTML inputs\n(CVE-2026-1285)\n* python3.12-django: Django: Denial of Service via crafted request with\nduplicate headers (CVE-2025-14550)\n* python3.12-markdown: markdown: Denial of Service via malformed\nHTML-like sequences (CVE-2025-69534)\n* python3.12-pyOpenSSL: pyOpenSSL: DTLS cookie callback buffer overflow\n(CVE-2026-27459)\n* rubygem-activesupport: Active Support: Denial of Service via large\nscientific notation strings (CVE-2026-33176)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14835",
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "SAT-37836",
"url": "https://issues.redhat.com/browse/SAT-37836"
},
{
"category": "external",
"summary": "SAT-43946",
"url": "https://issues.redhat.com/browse/SAT-43946"
},
{
"category": "external",
"summary": "SAT-43947",
"url": "https://issues.redhat.com/browse/SAT-43947"
},
{
"category": "external",
"summary": "SAT-43948",
"url": "https://issues.redhat.com/browse/SAT-43948"
},
{
"category": "external",
"summary": "SAT-43949",
"url": "https://issues.redhat.com/browse/SAT-43949"
},
{
"category": "external",
"summary": "SAT-43950",
"url": "https://issues.redhat.com/browse/SAT-43950"
},
{
"category": "external",
"summary": "SAT-43951",
"url": "https://issues.redhat.com/browse/SAT-43951"
},
{
"category": "external",
"summary": "SAT-43952",
"url": "https://issues.redhat.com/browse/SAT-43952"
},
{
"category": "external",
"summary": "SAT-43953",
"url": "https://issues.redhat.com/browse/SAT-43953"
},
{
"category": "external",
"summary": "SAT-43954",
"url": "https://issues.redhat.com/browse/SAT-43954"
},
{
"category": "external",
"summary": "SAT-43955",
"url": "https://issues.redhat.com/browse/SAT-43955"
},
{
"category": "external",
"summary": "SAT-43956",
"url": "https://issues.redhat.com/browse/SAT-43956"
},
{
"category": "external",
"summary": "SAT-43958",
"url": "https://issues.redhat.com/browse/SAT-43958"
},
{
"category": "external",
"summary": "SAT-43959",
"url": "https://issues.redhat.com/browse/SAT-43959"
},
{
"category": "external",
"summary": "SAT-43960",
"url": "https://issues.redhat.com/browse/SAT-43960"
},
{
"category": "external",
"summary": "SAT-43962",
"url": "https://issues.redhat.com/browse/SAT-43962"
},
{
"category": "external",
"summary": "SAT-43963",
"url": "https://issues.redhat.com/browse/SAT-43963"
},
{
"category": "external",
"summary": "SAT-44062",
"url": "https://issues.redhat.com/browse/SAT-44062"
},
{
"category": "external",
"summary": "SAT-44760",
"url": "https://issues.redhat.com/browse/SAT-44760"
},
{
"category": "external",
"summary": "SAT-44761",
"url": "https://issues.redhat.com/browse/SAT-44761"
},
{
"category": "external",
"summary": "SAT-44762",
"url": "https://issues.redhat.com/browse/SAT-44762"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14835.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.18.5 Async Update",
"tracking": {
"current_release_date": "2026-06-15T20:46:49+00:00",
"generator": {
"date": "2026-06-15T20:46:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:14835",
"initial_release_date": "2026-05-07T17:09:35+00:00",
"revision_history": [
{
"date": "2026-05-07T17:09:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T17:09:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-15T20:46:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.18::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.18::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.6.5-1.el9sat.src",
"product": {
"name": "candlepin-0:4.6.5-1.el9sat.src",
"product_id": "candlepin-0:4.6.5-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.6.5-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.16.0.16-1.el9sat.src",
"product": {
"name": "foreman-0:3.16.0.16-1.el9sat.src",
"product_id": "foreman-0:3.16.0.16-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.16.0.16-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.16.0.8-1.el9sat.src",
"product": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.src",
"product_id": "foreman-installer-1:3.16.0.8-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.16.0.8-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"product": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"product_id": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cffi@2.0.0-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"product": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"product_id": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cryptography@46.0.6-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-django-0:4.2.30-1.el9pc.src",
"product": {
"name": "python3.12-django-0:4.2.30-1.el9pc.src",
"product_id": "python3.12-django-0:4.2.30-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-django@4.2.30-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-markdown-0:3.8.2-1.el9pc.src",
"product": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.src",
"product_id": "python3.12-markdown-0:3.8.2-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-markdown@3.8.2-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"product": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"product_id": "python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulpcore@3.73.30-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"product": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"product_id": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pyOpenSSL@26.0.0-2.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product_id": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@7.0.8.7-2.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"product": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"product_id": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.13.8-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"product": {
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"product_id": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@12.2.18-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.29-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.src",
"product_id": "rubygem-katello-0:4.18.0.12-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.18.0.12-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.18.5-1.el9sat.src",
"product": {
"name": "satellite-0:6.18.5-1.el9sat.src",
"product_id": "satellite-0:6.18.5-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.18.5-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"product": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"product_id": "python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-container@2.24.5-2.el9pc?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.6.5-1.el9sat.noarch",
"product": {
"name": "candlepin-0:4.6.5-1.el9sat.noarch",
"product_id": "candlepin-0:4.6.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.6.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"product_id": "candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.6.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.16.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"product": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"product_id": "foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.16.0.8-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"product_id": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.16.0.8-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.12-django-0:4.2.30-1.el9pc.noarch",
"product": {
"name": "python3.12-django-0:4.2.30-1.el9pc.noarch",
"product_id": "python3.12-django-0:4.2.30-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-django@4.2.30-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"product": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"product_id": "python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-markdown@3.8.2-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"product": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"product_id": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulpcore@3.73.30-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"product": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"product_id": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pyOpenSSL@26.0.0-2.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product_id": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@7.0.8.7-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"product_id": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.13.8-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"product_id": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@12.2.18-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.29-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.18.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.18.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.18.5-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.18.5-1.el9sat.noarch",
"product_id": "satellite-common-0:6.18.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.18.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"product": {
"name": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"product_id": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-obsolete-packages@6.18.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.18.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.18.5-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.18.5-1.el9sat.noarch",
"product_id": "satellite-0:6.18.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.18.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"product": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"product_id": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-container@2.24.5-2.el9pc?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"product": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"product_id": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cffi@2.0.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"product": {
"name": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"product_id": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cffi-debugsource@2.0.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"product": {
"name": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"product_id": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cffi-debuginfo@2.0.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"product": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"product_id": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-cryptography@46.0.6-1.el9pc?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.16.0.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.30-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch"
},
"product_reference": "python3.12-django-0:4.2.30-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.30-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src"
},
"product_reference": "python3.12-django-0:4.2.30-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python3.12-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch"
},
"product_reference": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src"
},
"product_reference": "python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch"
},
"product_reference": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src"
},
"product_reference": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.6.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch"
},
"product_reference": "candlepin-0:4.6.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.6.5-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src"
},
"product_reference": "candlepin-0:4.6.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.6.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.16-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.8-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.16.0.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64"
},
"product_reference": "python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64"
},
"product_reference": "python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.30-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch"
},
"product_reference": "python3.12-django-0:4.2.30-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.30-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
},
"product_reference": "python3.12-django-0:4.2.30-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python3.12-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-2.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch"
},
"product_reference": "python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.30-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src"
},
"product_reference": "python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch"
},
"product_reference": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src"
},
"product_reference": "python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src"
},
"product_reference": "rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.18.0.12-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.18.0.12-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.5-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.18.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14550",
"cwe": {
"id": "CWE-167",
"name": "Improper Handling of Additional Special Element"
},
"discovery_date": "2026-02-03T15:01:12.970018+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. A remote attacker can exploit this vulnerability by sending a crafted request containing multiple duplicate headers to the ASGIRequest component. This can lead to a potential Denial of Service (DoS), making the affected system unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: Denial of Service via crafted request with duplicate headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact denial-of-service flaw in Django affects Red Hat products utilizing the ASGIRequest component, such as Red Hat Ansible Automation Platform, Red Hat Discovery, and Red Hat Satellite. A remote attacker could send specially crafted requests containing duplicate headers, potentially rendering the affected system unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14550"
},
{
"category": "external",
"summary": "RHBZ#2436341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14550"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14550",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14550"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/",
"url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
}
],
"release_date": "2026-02-03T14:38:15.875000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Django: Django: Denial of Service via crafted request with duplicate headers"
},
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2026-1207",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-03T15:00:58.388707+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on `RasterField` (only implemented on PostGIS). This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: SQL Injection via RasterField band index parameter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT flaw affects Django\u0027s `RasterField` when utilized with PostGIS, allowing remote SQL injection via the band index parameter. Red Hat Ansible Automation Platform, Red Hat Discovery, Red Hat Satellite, Insights, and Ansible Services are impacted if configured to use Django with PostGIS `RasterField` lookups. Successful exploitation could lead to unauthorized data access, modification, or denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1207"
},
{
"category": "external",
"summary": "RHBZ#2436338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1207",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1207"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/",
"url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
}
],
"release_date": "2026-02-03T14:35:33.721000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Django: Django: SQL Injection via RasterField band index parameter"
},
{
"cve": "CVE-2026-1285",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-02-03T15:01:06.283620+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the `django.utils.text.Truncator.chars()` and `Truncator.words()` methods (when `html=True`), or through the `truncatechars_html` and `truncatewords_html` template filters. This can lead to a denial-of-service (DoS) condition, making the application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: Denial of Service via crafted HTML inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a MODERATE impact denial-of-service flaw in Django. Applications utilizing Django that process untrusted HTML inputs with a large number of unmatched end tags through the `Truncator.chars()` or `Truncator.words()` methods (with `html=True`), or the `truncatechars_html` and `truncatewords_html` template filters, may experience resource exhaustion. This can lead to the application becoming unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1285"
},
{
"category": "external",
"summary": "RHBZ#2436340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1285"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/",
"url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
}
],
"release_date": "2026-02-03T14:35:50.254000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Django should avoid processing untrusted HTML content through the `django.utils.text.Truncator.chars()` and `Truncator.words()` methods with `html=True`, or the `truncatechars_html` and `truncatewords_html` template filters. Restrict the use of these functions to only trusted inputs where the HTML structure is controlled and validated.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Django: Django: Denial of Service via crafted HTML inputs"
},
{
"cve": "CVE-2026-1287",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-03T15:01:03.441713+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. This vulnerability allows a remote attacker to perform SQL injection by using specially crafted control characters within column aliases. When these crafted aliases are passed through dictionary expansion to `QuerySet` methods like `annotate()` or `values()`, it can lead to the execution of arbitrary SQL commands. This could result in unauthorized access to sensitive data or modification of information within the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: SQL Injection via crafted column aliases",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT SQL injection flaw in Django allows a remote attacker to execute arbitrary SQL commands by crafting column aliases. This vulnerability affects Red Hat products that incorporate Django, such as Red Hat Ansible Automation Platform, Red Hat Discovery, Red Hat Satellite, Insights, and Ansible Services, potentially leading to unauthorized data access or modification.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1287"
},
{
"category": "external",
"summary": "RHBZ#2436339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1287",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1287"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/",
"url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
}
],
"release_date": "2026-02-03T14:36:03.630000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Django: Django: SQL Injection via crafted column aliases"
},
{
"cve": "CVE-2026-1312",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-03T15:01:18.274166+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. A remote attacker could exploit a SQL injection vulnerability in the `.QuerySet.order_by()` method. This occurs when column aliases containing periods are used, and the same alias is also present in `FilteredRelation` via a specially crafted dictionary. Successful exploitation could lead to unauthorized information disclosure or arbitrary code execution within the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: SQL injection via crafted column aliases in QuerySet.order_by()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in Django allows for SQL injection within the `QuerySet.order_by()` method. A remote attacker could exploit this by providing crafted column aliases that include periods, specifically when used with `FilteredRelation`. Successful exploitation may result in unauthorized information disclosure or arbitrary code execution against the underlying database. This affects Red Hat products that integrate Django, such as Red Hat Ansible Automation Platform and Red Hat Satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1312"
},
{
"category": "external",
"summary": "RHBZ#2436342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1312",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1312"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/",
"url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
}
],
"release_date": "2026-02-03T14:36:23.257000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Django: Django: SQL injection via crafted column aliases in QuerySet.order_by()"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-33176",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-24T00:02:09.939647+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450551"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., \"1e10000\") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate by Red Hat. Successful exploitation of this vulnerability requires an attacker to reach the vulnerable code path within the Active Support library as used by the hosting application. Because this functionality is not typically exposed directly to unauthenticated users, an attacker would generally need at least low-privileged (authenticated) access to the application to trigger the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33176"
},
{
"category": "external",
"summary": "RHBZ#2450551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb",
"url": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a",
"url": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856",
"url": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v7.2.3.1",
"url": "https://github.com/rails/rails/releases/tag/v7.2.3.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.0.4.1",
"url": "https://github.com/rails/rails/releases/tag/v8.0.4.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.1.2.1",
"url": "https://github.com/rails/rails/releases/tag/v8.1.2.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9",
"url": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9"
}
],
"release_date": "2026-03-23T23:29:27.933000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:09:35+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14835"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications that use Active Support number helpers to process untrusted input should implement strict input validation. This involves sanitizing or restricting the format and length of numerical strings before they are passed to Active Support, thereby preventing the `BigDecimal` component from expanding into extremely large decimal representations and consuming excessive resources.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18-maintenance:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18-maintenance:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18-utils:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:candlepin-0:4.6.5-1.el9sat.src",
"9Base-satellite-6.18:candlepin-selinux-0:4.6.5-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.16-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.8-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.8-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.16-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cffi-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debuginfo-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cffi-debugsource-0:2.0.0-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.src",
"9Base-satellite-6.18:python3.12-cryptography-0:46.0.6-1.el9pc.x86_64",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-2.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.30-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pyOpenSSL-0:26.0.0-2.el9pc.src",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.18:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_maintain-1:1.13.8-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.18-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_virt_who_configure-0:0.5.29-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.12-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.5-1.el9sat.src",
"9Base-satellite-6.18:satellite-capsule-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-cli-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.5-1.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings"
}
]
}
RHSA-2026:14873
Vulnerability from csaf_redhat - Published: 2026-05-07 17:29 - Updated: 2026-06-10 08:37Summary
Red Hat Security Advisory: Satellite 6.17.8 Async Update
Severity
Important
Notes
Topic: A new release is now available for Red Hat Satellite 6.17 for RHEL 9.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* python-pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image (CVE-2026-25990)
* candlepin: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects (CVE-2026-27727)
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
* python-pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)
* rubygem-activesupport: Active Support: Denial of Service via large scientific notation strings (CVE-2026-33176)
Bug Fix(es):
* Satellite manifest consumer profile cert and key found in satellite client rhsm cache (SAT-43920)
* All communication should happen only over https during global registration execution (SAT-43921)
* Impossible to generate registration command via REST API in isolated networks managed by external capsules (SAT-43922)
* Errata applicability and Refresh applicability tasks for RHEL 7 hosts runs dnf command. (SAT-43923)
* BIOS info is not populated in All hosts page and in Host Details tab (SAT-43925)
* Executing the 'katello::clean_backend_objects' rake task takes a long time to complete (SAT-43926)
* Puppet fact parser can't create OS entry blocking Satellite leapp upgrades (SAT-43928)
* No repositories available through subscriptions on a cloud-instance host after registering it to Red Hat Satellite using global registration method (SAT-43929)
* Proxy password shown in clear text in the Overview page of Virt-who Configuration (SAT-43931)
* Non-admin users on Satellite with viewer role, unable to see the hostgroup. (SAT-44039)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
7.3 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
95 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted `javax.naming.Reference` or serialized object to an application using the library. This can provoke the application to download and execute arbitrary malicious code due to mchange-commons-java's independent implementation of Java Naming and Directory Interface (JNDI) dereferencing, which supports remote code loading. This could lead to arbitrary code execution within the affected application.
8.3 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., "1e10000") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
References
57 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new release is now available for Red Hat Satellite 6.17 for RHEL 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* python-pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image (CVE-2026-25990)\n\n* candlepin: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects (CVE-2026-27727)\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\n* python-pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)\n\n* rubygem-activesupport: Active Support: Denial of Service via large scientific notation strings (CVE-2026-33176)\n\nBug Fix(es):\n\n* Satellite manifest consumer profile cert and key found in satellite client rhsm cache (SAT-43920)\n\n* All communication should happen only over https during global registration execution (SAT-43921)\n\n* Impossible to generate registration command via REST API in isolated networks managed by external capsules (SAT-43922)\n\n* Errata applicability and Refresh applicability tasks for RHEL 7 hosts runs dnf command. (SAT-43923)\n\n* BIOS info is not populated in All hosts page and in Host Details tab (SAT-43925)\n\n* Executing the \u0027katello::clean_backend_objects\u0027 rake task takes a long time to complete (SAT-43926)\n\n* Puppet fact parser can\u0027t create OS entry blocking Satellite leapp upgrades (SAT-43928)\n\n* No repositories available through subscriptions on a cloud-instance host after registering it to Red Hat Satellite using global registration method (SAT-43929)\n\n* Proxy password shown in clear text in the Overview page of Virt-who Configuration (SAT-43931)\n\n* Non-admin users on Satellite with viewer role, unable to see the hostgroup. (SAT-44039)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14873",
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "2442671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "2450551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551"
},
{
"category": "external",
"summary": "SAT-43920",
"url": "https://issues.redhat.com/browse/SAT-43920"
},
{
"category": "external",
"summary": "SAT-43921",
"url": "https://issues.redhat.com/browse/SAT-43921"
},
{
"category": "external",
"summary": "SAT-43922",
"url": "https://issues.redhat.com/browse/SAT-43922"
},
{
"category": "external",
"summary": "SAT-43923",
"url": "https://issues.redhat.com/browse/SAT-43923"
},
{
"category": "external",
"summary": "SAT-43925",
"url": "https://issues.redhat.com/browse/SAT-43925"
},
{
"category": "external",
"summary": "SAT-43926",
"url": "https://issues.redhat.com/browse/SAT-43926"
},
{
"category": "external",
"summary": "SAT-43928",
"url": "https://issues.redhat.com/browse/SAT-43928"
},
{
"category": "external",
"summary": "SAT-43929",
"url": "https://issues.redhat.com/browse/SAT-43929"
},
{
"category": "external",
"summary": "SAT-43931",
"url": "https://issues.redhat.com/browse/SAT-43931"
},
{
"category": "external",
"summary": "SAT-44039",
"url": "https://issues.redhat.com/browse/SAT-44039"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14873.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.17.8 Async Update",
"tracking": {
"current_release_date": "2026-06-10T08:37:57+00:00",
"generator": {
"date": "2026-06-10T08:37:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2026:14873",
"initial_release_date": "2026-05-07T17:29:15+00:00",
"revision_history": [
{
"date": "2026-05-07T17:29:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T17:29:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T08:37:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.14.0.16-1.el9sat.src",
"product": {
"name": "foreman-0:3.14.0.16-1.el9sat.src",
"product_id": "foreman-0:3.14.0.16-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.14.0.16-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.14.0.10-1.el9sat.src",
"product": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.src",
"product_id": "foreman-installer-1:3.14.0.10-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.14.0.10-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-markdown-0:3.8.2-1.el9pc.src",
"product": {
"name": "python-markdown-0:3.8.2-1.el9pc.src",
"product_id": "python-markdown-0:3.8.2-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.8.2-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:12.1.1-1.el9pc.src",
"product": {
"name": "python-pillow-0:12.1.1-1.el9pc.src",
"product_id": "python-pillow-0:12.1.1-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@12.1.1-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.22.4-2.el9pc.src",
"product": {
"name": "python-pulp-ansible-1:0.22.4-2.el9pc.src",
"product_id": "python-pulp-ansible-1:0.22.4-2.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.22.4-2.el9pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"product": {
"name": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"product_id": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyOpenSSL@25.1.0-0.3.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product_id": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@7.0.8.7-2.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.26-2.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.src",
"product_id": "rubygem-katello-0:4.16.0.15-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.16.0.15-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.17.8-1.el9sat.src",
"product": {
"name": "satellite-0:6.17.8-1.el9sat.src",
"product_id": "satellite-0:6.17.8-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.17.8-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el9sat.src",
"product": {
"name": "candlepin-0:4.4.25-1.el9sat.src",
"product_id": "candlepin-0:4.4.25-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.14.0.16-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.14.0.10-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.14.0.10-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product_id": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-markdown@3.8.2-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.22.4-2.el9pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"product": {
"name": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"product_id": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pyOpenSSL@25.1.0-0.3.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product_id": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@7.0.8.7-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.26-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.16.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.17.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.17.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.17.8-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.17.8-1.el9sat.noarch",
"product_id": "satellite-common-0:6.17.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.17.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"product": {
"name": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"product_id": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-obsolete-packages@6.17.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.17.8-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.17.8-1.el9sat.noarch",
"product_id": "satellite-0:6.17.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.17.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el9sat.noarch",
"product": {
"name": "candlepin-0:4.4.25-1.el9sat.noarch",
"product_id": "candlepin-0:4.4.25-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product_id": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.4.25-1.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product_id": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@12.1.1-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product_id": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@12.1.1-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@12.1.1-1.el9pc?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.14.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.22.4-2.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.22.4-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src"
},
"product_reference": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch"
},
"product_reference": "candlepin-0:4.4.25-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src"
},
"product_reference": "candlepin-0:4.4.25-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.16-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.16-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.14.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.14.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.22.4-2.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.22.4-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src"
},
"product_reference": "python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.16.0.15-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.16.0.15-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.8-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-27727",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-02-25T17:04:31.254239+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442671"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted `javax.naming.Reference` or serialized object to an application using the library. This can provoke the application to download and execute arbitrary malicious code due to mchange-commons-java\u0027s independent implementation of Java Naming and Directory Interface (JNDI) dereferencing, which supports remote code loading. This could lead to arbitrary code execution within the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27727"
},
{
"category": "external",
"summary": "RHBZ#2442671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27727",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727"
},
{
"category": "external",
"summary": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44",
"url": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44"
},
{
"category": "external",
"summary": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal",
"url": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal"
},
{
"category": "external",
"summary": "https://www.mchange.com/projects/c3p0/#configuring_security",
"url": "https://www.mchange.com/projects/c3p0/#configuring_security"
},
{
"category": "external",
"summary": "https://www.mchange.com/projects/c3p0/#security-note",
"url": "https://www.mchange.com/projects/c3p0/#security-note"
}
],
"release_date": "2026-02-25T16:01:04.187000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects"
},
{
"cve": "CVE-2026-33176",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-24T00:02:09.939647+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450551"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., \"1e10000\") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate by Red Hat. Successful exploitation of this vulnerability requires an attacker to reach the vulnerable code path within the Active Support library as used by the hosting application. Because this functionality is not typically exposed directly to unauthenticated users, an attacker would generally need at least low-privileged (authenticated) access to the application to trigger the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33176"
},
{
"category": "external",
"summary": "RHBZ#2450551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb",
"url": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a",
"url": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856",
"url": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v7.2.3.1",
"url": "https://github.com/rails/rails/releases/tag/v7.2.3.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.0.4.1",
"url": "https://github.com/rails/rails/releases/tag/v8.0.4.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.1.2.1",
"url": "https://github.com/rails/rails/releases/tag/v8.1.2.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9",
"url": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9"
}
],
"release_date": "2026-03-23T23:29:27.933000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T17:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14873"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications that use Active Support number helpers to process untrusted input should implement strict input validation. This involves sanitizing or restricting the format and length of numerical strings before they are passed to Active Support, thereby preventing the `BigDecimal` component from expanding into extremely large decimal representations and consuming excessive resources.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17-capsule:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17-capsule:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17-capsule:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.16-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-installer-1:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-installer-katello-1:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.16-1.el9sat.noarch",
"9Base-satellite-6.17:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.17:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python-pulp-ansible-1:0.22.4-2.el9pc.src",
"9Base-satellite-6.17:python-pyOpenSSL-0:25.1.0-0.3.el9pc.src",
"9Base-satellite-6.17:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.17:python3.11-pulp-ansible-1:0.22.4-2.el9pc.noarch",
"9Base-satellite-6.17:python3.11-pyOpenSSL-0:25.1.0-0.3.el9pc.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-activesupport-0:7.0.8.7-2.el9sat.src",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_virt_who_configure-0:0.5.26-2.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.15-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.8-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.8-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings"
}
]
}
RHSA-2026:14874
Vulnerability from csaf_redhat - Published: 2026-05-07 18:00 - Updated: 2026-06-10 08:37Summary
Red Hat Security Advisory: Satellite 6.16.8 Async Update
Severity
Important
Notes
Topic: An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* python-pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image (CVE-2026-25990)
* candlepin: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects (CVE-2026-27727)
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
* python-pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)
* rubygem-activesupport: Active Support: Denial of Service via large scientific notation strings (CVE-2026-33176)
Bug Fix(es):
* Satellite manifest consumer profile cert and key found in satellite client rhsm cache (SAT-43030)
* All communication should happen only over https during global registration execution (SAT-44031)
* Impossible to generate registration command via REST API in isolated networks managed by external capsules (SAT-44032)
* Executing the 'katello::clean_backend_objects' rake task takes a long time to complete (SAT-44033)
* Puppet fact parser can't create OS entry blocking Satellite leapp upgrades (SAT-44035)
* No repositories available through subscriptions on a cloud-instance host after registering it to Red Hat Satellite using global registration method (SAT-44036)
* Proxy password shown in clear text in the Overview page of Virt-who Configuration (SAT-43834)
* Non-admin users on Satellite with viewer role, unable to see the hostgroup. (SAT-44034)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
192 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
7.3 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
184 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
192 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted `javax.naming.Reference` or serialized object to an application using the library. This can provoke the application to download and execute arbitrary malicious code due to mchange-commons-java's independent implementation of Java Naming and Directory Interface (JNDI) dereferencing, which supports remote code loading. This could lead to arbitrary code execution within the affected application.
8.3 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
194 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., "1e10000") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.
6.5 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
192 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* python-pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image (CVE-2026-25990)\n\n* candlepin: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects (CVE-2026-27727)\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\n* python-pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)\n\n* rubygem-activesupport: Active Support: Denial of Service via large scientific notation strings (CVE-2026-33176)\n\nBug Fix(es):\n\n* Satellite manifest consumer profile cert and key found in satellite client rhsm cache (SAT-43030)\n\n* All communication should happen only over https during global registration execution (SAT-44031)\n\n* Impossible to generate registration command via REST API in isolated networks managed by external capsules (SAT-44032)\n\n* Executing the \u0027katello::clean_backend_objects\u0027 rake task takes a long time to complete (SAT-44033)\n\n* Puppet fact parser can\u0027t create OS entry blocking Satellite leapp upgrades (SAT-44035)\n\n* No repositories available through subscriptions on a cloud-instance host after registering it to Red Hat Satellite using global registration method (SAT-44036)\n\n* Proxy password shown in clear text in the Overview page of Virt-who Configuration (SAT-43834)\n\n* Non-admin users on Satellite with viewer role, unable to see the hostgroup. (SAT-44034)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14874",
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "2442671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "2450551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551"
},
{
"category": "external",
"summary": "SAT-43834",
"url": "https://issues.redhat.com/browse/SAT-43834"
},
{
"category": "external",
"summary": "SAT-44030",
"url": "https://issues.redhat.com/browse/SAT-44030"
},
{
"category": "external",
"summary": "SAT-44031",
"url": "https://issues.redhat.com/browse/SAT-44031"
},
{
"category": "external",
"summary": "SAT-44032",
"url": "https://issues.redhat.com/browse/SAT-44032"
},
{
"category": "external",
"summary": "SAT-44033",
"url": "https://issues.redhat.com/browse/SAT-44033"
},
{
"category": "external",
"summary": "SAT-44034",
"url": "https://issues.redhat.com/browse/SAT-44034"
},
{
"category": "external",
"summary": "SAT-44035",
"url": "https://issues.redhat.com/browse/SAT-44035"
},
{
"category": "external",
"summary": "SAT-44036",
"url": "https://issues.redhat.com/browse/SAT-44036"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14874.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.16.8 Async Update",
"tracking": {
"current_release_date": "2026-06-10T08:37:58+00:00",
"generator": {
"date": "2026-06-10T08:37:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2026:14874",
"initial_release_date": "2026-05-07T18:00:30+00:00",
"revision_history": [
{
"date": "2026-05-07T18:00:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T18:00:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T08:37:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el8sat.src",
"product": {
"name": "candlepin-0:4.4.25-1.el8sat.src",
"product_id": "candlepin-0:4.4.25-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.15-1.el8sat.src",
"product": {
"name": "foreman-0:3.12.0.15-1.el8sat.src",
"product_id": "foreman-0:3.12.0.15-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.15-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.12.0.7-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.src",
"product_id": "foreman-installer-1:3.12.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.12.0.7-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-markdown-0:3.8.2-1.el8pc.src",
"product": {
"name": "python-markdown-0:3.8.2-1.el8pc.src",
"product_id": "python-markdown-0:3.8.2-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.8.2-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:12.1.1-1.el8pc.src",
"product": {
"name": "python-pillow-0:12.1.1-1.el8pc.src",
"product_id": "python-pillow-0:12.1.1-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@12.1.1-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.21.10-3.el8pc.src",
"product": {
"name": "python-pulp-ansible-1:0.21.10-3.el8pc.src",
"product_id": "python-pulp-ansible-1:0.21.10-3.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.21.10-3.el8pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"product": {
"name": "python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"product_id": "python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyOpenSSL@24.1.0-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"product_id": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.8-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.23-3.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.src",
"product_id": "rubygem-katello-0:4.14.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.8-1.el8sat.src",
"product": {
"name": "satellite-0:6.16.8-1.el8sat.src",
"product_id": "satellite-0:6.16.8-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.8-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el9sat.src",
"product": {
"name": "candlepin-0:4.4.25-1.el9sat.src",
"product_id": "candlepin-0:4.4.25-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.15-1.el9sat.src",
"product": {
"name": "foreman-0:3.12.0.15-1.el9sat.src",
"product_id": "foreman-0:3.12.0.15-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.15-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.12.0.7-1.el9sat.src",
"product": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.src",
"product_id": "foreman-installer-1:3.12.0.7-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.12.0.7-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-markdown-0:3.8.2-1.el9pc.src",
"product": {
"name": "python-markdown-0:3.8.2-1.el9pc.src",
"product_id": "python-markdown-0:3.8.2-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.8.2-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:12.1.1-1.el9pc.src",
"product": {
"name": "python-pillow-0:12.1.1-1.el9pc.src",
"product_id": "python-pillow-0:12.1.1-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@12.1.1-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.21.10-3.el9pc.src",
"product": {
"name": "python-pulp-ansible-1:0.21.10-3.el9pc.src",
"product_id": "python-pulp-ansible-1:0.21.10-3.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.21.10-3.el9pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"product": {
"name": "python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"product_id": "python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyOpenSSL@24.1.0-2.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"product": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"product_id": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.8-2.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.23-3.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.src",
"product_id": "rubygem-katello-0:4.14.0.18-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.18-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.8-1.el9sat.src",
"product": {
"name": "satellite-0:6.16.8-1.el9sat.src",
"product_id": "satellite-0:6.16.8-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.8-1.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el8sat.noarch",
"product": {
"name": "candlepin-0:4.4.25-1.el8sat.noarch",
"product_id": "candlepin-0:4.4.25-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"product_id": "candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.4.25-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.12.0.15-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.12.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.12.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"product": {
"name": "python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"product_id": "python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-markdown@3.8.2-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.21.10-3.el8pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"product": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"product_id": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pyOpenSSL@24.1.0-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.8-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.23-3.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.8-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.16.8-1.el8sat.noarch",
"product_id": "satellite-0:6.16.8-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.8-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.8-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.8-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.16.8-1.el8sat.noarch",
"product_id": "satellite-common-0:6.16.8-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.8-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.8-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.4.25-1.el9sat.noarch",
"product": {
"name": "candlepin-0:4.4.25-1.el9sat.noarch",
"product_id": "candlepin-0:4.4.25-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.25-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product_id": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.4.25-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.12.0.15-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"product": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"product_id": "foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.12.0.7-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"product_id": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.12.0.7-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product_id": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-markdown@3.8.2-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.21.10-3.el9pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"product": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"product_id": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pyOpenSSL@24.1.0-2.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"product_id": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.8-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"product": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"product_id": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_virt_who_configure@0.5.23-3.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.18-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.8-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.16.8-1.el9sat.noarch",
"product_id": "satellite-0:6.16.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.8-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.16.8-1.el9sat.noarch",
"product_id": "satellite-common-0:6.16.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.8-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.8-1.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"product_id": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@12.1.1-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"product_id": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@12.1.1-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@12.1.1-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product_id": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@12.1.1-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product_id": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@12.1.1-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@12.1.1-1.el9pc?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-3.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-3.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-2.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch"
},
"product_reference": "candlepin-0:4.4.25-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src"
},
"product_reference": "candlepin-0:4.4.25-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.4.25-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-3.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-3.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-2.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.18-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.14.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-3.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-3.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-2.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch"
},
"product_reference": "candlepin-0:4.4.25-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.25-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src"
},
"product_reference": "candlepin-0:4.4.25-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.4.25-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.15-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.15-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.12.0.7-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.12.0.7-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.8.2-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src"
},
"product_reference": "python-markdown-0:3.8.2-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.1.1-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.1.1-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-3.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-3.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-2.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-markdown-0:3.8.2-1.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
},
"product_reference": "python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src"
},
"product_reference": "rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.18-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.14.0.18-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.8-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.8-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.8-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.8-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:00:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:00:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:00:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-27727",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-02-25T17:04:31.254239+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442671"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted `javax.naming.Reference` or serialized object to an application using the library. This can provoke the application to download and execute arbitrary malicious code due to mchange-commons-java\u0027s independent implementation of Java Naming and Directory Interface (JNDI) dereferencing, which supports remote code loading. This could lead to arbitrary code execution within the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27727"
},
{
"category": "external",
"summary": "RHBZ#2442671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27727",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727"
},
{
"category": "external",
"summary": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44",
"url": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44"
},
{
"category": "external",
"summary": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal",
"url": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal"
},
{
"category": "external",
"summary": "https://www.mchange.com/projects/c3p0/#configuring_security",
"url": "https://www.mchange.com/projects/c3p0/#configuring_security"
},
{
"category": "external",
"summary": "https://www.mchange.com/projects/c3p0/#security-note",
"url": "https://www.mchange.com/projects/c3p0/#security-note"
}
],
"release_date": "2026-02-25T16:01:04.187000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:00:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects"
},
{
"cve": "CVE-2026-33176",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-24T00:02:09.939647+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450551"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Active Support, a toolkit of support libraries for Ruby on Rails. A remote attacker can exploit this vulnerability by providing specially crafted strings containing scientific notation (e.g., \"1e10000\") to number helpers. This input causes the `BigDecimal` component to expand into extremely large decimal representations, consuming excessive memory and CPU resources. This can lead to a Denial of Service (DoS) vulnerability, making the affected system unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate by Red Hat. Successful exploitation of this vulnerability requires an attacker to reach the vulnerable code path within the Active Support library as used by the hosting application. Because this functionality is not typically exposed directly to unauthenticated users, an attacker would generally need at least low-privileged (authenticated) access to the application to trigger the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33176"
},
{
"category": "external",
"summary": "RHBZ#2450551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb",
"url": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a",
"url": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856",
"url": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v7.2.3.1",
"url": "https://github.com/rails/rails/releases/tag/v7.2.3.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.0.4.1",
"url": "https://github.com/rails/rails/releases/tag/v8.0.4.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/releases/tag/v8.1.2.1",
"url": "https://github.com/rails/rails/releases/tag/v8.1.2.1"
},
{
"category": "external",
"summary": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9",
"url": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9"
}
],
"release_date": "2026-03-23T23:29:27.933000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:00:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14874"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications that use Active Support number helpers to process untrusted input should implement strict input validation. This involves sanitizing or restricting the format and length of numerical strings before they are passed to Active Support, thereby preventing the `BigDecimal` component from expanding into extremely large decimal representations and consuming excessive resources.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:candlepin-0:4.4.25-1.el8sat.src",
"8Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.15-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el8sat.src",
"8Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el8sat.noarch",
"8Base-satellite-6.16:python-markdown-0:3.8.2-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-0:12.1.1-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el8pc.src",
"8Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el8pc.src",
"8Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el8pc.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.noarch",
"8Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el8sat.src",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.8-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.8-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.8-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16-capsule:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:candlepin-0:4.4.25-1.el9sat.src",
"9Base-satellite-6.16:candlepin-selinux-0:4.4.25-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.15-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-installer-1:3.12.0.7-1.el9sat.src",
"9Base-satellite-6.16:foreman-installer-katello-1:3.12.0.7-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.15-1.el9sat.noarch",
"9Base-satellite-6.16:python-markdown-0:3.8.2-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-0:12.1.1-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-3.el9pc.src",
"9Base-satellite-6.16:python-pyOpenSSL-0:24.1.0-2.el9pc.src",
"9Base-satellite-6.16:python3.11-markdown-0:3.8.2-1.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pillow-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.1.1-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-3.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pyOpenSSL-0:24.1.0-2.el9pc.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.noarch",
"9Base-satellite-6.16:rubygem-activesupport-0:6.1.7.8-2.el9sat.src",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_virt_who_configure-0:0.5.23-3.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.18-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.8-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.8-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.8-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Rails: Active Support: Active Support: Denial of Service via large scientific notation strings"
}
]
}
RHSA-2026:19155
Vulnerability from csaf_redhat - Published: 2026-05-19 16:30 - Updated: 2026-05-26 08:58Summary
Red Hat Security Advisory: python-markdown security update
Severity
Important
Notes
Topic: An update for python-markdown is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-markdown is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:19155",
"url": "https://access.redhat.com/errata/RHSA-2026:19155"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19155.json"
}
],
"title": "Red Hat Security Advisory: python-markdown security update",
"tracking": {
"current_release_date": "2026-05-26T08:58:53+00:00",
"generator": {
"date": "2026-05-26T08:58:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:19155",
"initial_release_date": "2026-05-19T16:30:36+00:00",
"revision_history": [
{
"date": "2026-05-19T16:30:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-19T16:30:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-26T08:58:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-markdown-0:3.5.1-6.el10_2.1.src",
"product": {
"name": "python-markdown-0:3.5.1-6.el10_2.1.src",
"product_id": "python-markdown-0:3.5.1-6.el10_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.5.1-6.el10_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-markdown-0:3.5.1-6.el10_2.1.noarch",
"product": {
"name": "python3-markdown-0:3.5.1-6.el10_2.1.noarch",
"product_id": "python3-markdown-0:3.5.1-6.el10_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-markdown@3.5.1-6.el10_2.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.5.1-6.el10_2.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z:python-markdown-0:3.5.1-6.el10_2.1.src"
},
"product_reference": "python-markdown-0:3.5.1-6.el10_2.1.src",
"relates_to_product_reference": "BaseOS-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-markdown-0:3.5.1-6.el10_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z:python3-markdown-0:3.5.1-6.el10_2.1.noarch"
},
"product_reference": "python3-markdown-0:3.5.1-6.el10_2.1.noarch",
"relates_to_product_reference": "BaseOS-10.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-10.2.Z:python-markdown-0:3.5.1-6.el10_2.1.src",
"BaseOS-10.2.Z:python3-markdown-0:3.5.1-6.el10_2.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-19T16:30:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-10.2.Z:python-markdown-0:3.5.1-6.el10_2.1.src",
"BaseOS-10.2.Z:python3-markdown-0:3.5.1-6.el10_2.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19155"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"BaseOS-10.2.Z:python-markdown-0:3.5.1-6.el10_2.1.src",
"BaseOS-10.2.Z:python3-markdown-0:3.5.1-6.el10_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-10.2.Z:python-markdown-0:3.5.1-6.el10_2.1.src",
"BaseOS-10.2.Z:python3-markdown-0:3.5.1-6.el10_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
}
]
}
RHSA-2026:19366
Vulnerability from csaf_redhat - Published: 2026-05-19 22:12 - Updated: 2026-05-26 08:58Summary
Red Hat Security Advisory: python-markdown security update
Severity
Important
Notes
Topic: An update for python-markdown is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-markdown is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:19366",
"url": "https://access.redhat.com/errata/RHSA-2026:19366"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19366.json"
}
],
"title": "Red Hat Security Advisory: python-markdown security update",
"tracking": {
"current_release_date": "2026-05-26T08:58:52+00:00",
"generator": {
"date": "2026-05-26T08:58:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:19366",
"initial_release_date": "2026-05-19T22:12:27+00:00",
"revision_history": [
{
"date": "2026-05-19T22:12:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-19T22:12:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-26T08:58:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-markdown-0:3.3.4-4.el9_8.2.src",
"product": {
"name": "python-markdown-0:3.3.4-4.el9_8.2.src",
"product_id": "python-markdown-0:3.3.4-4.el9_8.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.3.4-4.el9_8.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-markdown-0:3.3.4-4.el9_8.2.noarch",
"product": {
"name": "python3-markdown-0:3.3.4-4.el9_8.2.noarch",
"product_id": "python3-markdown-0:3.3.4-4.el9_8.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-markdown@3.3.4-4.el9_8.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.3.4-4.el9_8.2.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.8.0.Z.MAIN.EUS:python-markdown-0:3.3.4-4.el9_8.2.src"
},
"product_reference": "python-markdown-0:3.3.4-4.el9_8.2.src",
"relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-markdown-0:3.3.4-4.el9_8.2.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.8.0.Z.MAIN.EUS:python3-markdown-0:3.3.4-4.el9_8.2.noarch"
},
"product_reference": "python3-markdown-0:3.3.4-4.el9_8.2.noarch",
"relates_to_product_reference": "BaseOS-9.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.8.0.Z.MAIN.EUS:python-markdown-0:3.3.4-4.el9_8.2.src",
"BaseOS-9.8.0.Z.MAIN.EUS:python3-markdown-0:3.3.4-4.el9_8.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-19T22:12:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.8.0.Z.MAIN.EUS:python-markdown-0:3.3.4-4.el9_8.2.src",
"BaseOS-9.8.0.Z.MAIN.EUS:python3-markdown-0:3.3.4-4.el9_8.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19366"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"BaseOS-9.8.0.Z.MAIN.EUS:python-markdown-0:3.3.4-4.el9_8.2.src",
"BaseOS-9.8.0.Z.MAIN.EUS:python3-markdown-0:3.3.4-4.el9_8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.8.0.Z.MAIN.EUS:python-markdown-0:3.3.4-4.el9_8.2.src",
"BaseOS-9.8.0.Z.MAIN.EUS:python3-markdown-0:3.3.4-4.el9_8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
}
]
}
RHSA-2026:20674
Vulnerability from csaf_redhat - Published: 2026-05-26 07:30 - Updated: 2026-05-26 09:00Summary
Red Hat Security Advisory: python-markdown security update
Severity
Important
Notes
Topic: An update for python-markdown is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-markdown is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20674",
"url": "https://access.redhat.com/errata/RHSA-2026:20674"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20674.json"
}
],
"title": "Red Hat Security Advisory: python-markdown security update",
"tracking": {
"current_release_date": "2026-05-26T09:00:19+00:00",
"generator": {
"date": "2026-05-26T09:00:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20674",
"initial_release_date": "2026-05-26T07:30:56+00:00",
"revision_history": [
{
"date": "2026-05-26T07:30:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T07:30:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-26T09:00:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-markdown-0:3.3.4-4.el9_4.2.src",
"product": {
"name": "python-markdown-0:3.3.4-4.el9_4.2.src",
"product_id": "python-markdown-0:3.3.4-4.el9_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.3.4-4.el9_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-markdown-0:3.3.4-4.el9_4.2.noarch",
"product": {
"name": "python3-markdown-0:3.3.4-4.el9_4.2.noarch",
"product_id": "python3-markdown-0:3.3.4-4.el9_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-markdown@3.3.4-4.el9_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.3.4-4.el9_4.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python-markdown-0:3.3.4-4.el9_4.2.src"
},
"product_reference": "python-markdown-0:3.3.4-4.el9_4.2.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-markdown-0:3.3.4-4.el9_4.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_4.2.noarch"
},
"product_reference": "python3-markdown-0:3.3.4-4.el9_4.2.noarch",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.4.0.Z.EUS:python-markdown-0:3.3.4-4.el9_4.2.src",
"BaseOS-9.4.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_4.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T07:30:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.4.0.Z.EUS:python-markdown-0:3.3.4-4.el9_4.2.src",
"BaseOS-9.4.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_4.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20674"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"BaseOS-9.4.0.Z.EUS:python-markdown-0:3.3.4-4.el9_4.2.src",
"BaseOS-9.4.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_4.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.4.0.Z.EUS:python-markdown-0:3.3.4-4.el9_4.2.src",
"BaseOS-9.4.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_4.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
}
]
}
RHSA-2026:20676
Vulnerability from csaf_redhat - Published: 2026-05-26 07:36 - Updated: 2026-05-26 09:00Summary
Red Hat Security Advisory: python-markdown security update
Severity
Important
Notes
Topic: An update for python-markdown is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-markdown is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20676",
"url": "https://access.redhat.com/errata/RHSA-2026:20676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20676.json"
}
],
"title": "Red Hat Security Advisory: python-markdown security update",
"tracking": {
"current_release_date": "2026-05-26T09:00:24+00:00",
"generator": {
"date": "2026-05-26T09:00:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20676",
"initial_release_date": "2026-05-26T07:36:21+00:00",
"revision_history": [
{
"date": "2026-05-26T07:36:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T07:36:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-26T09:00:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-markdown-0:3.3.4-4.el9_6.2.src",
"product": {
"name": "python-markdown-0:3.3.4-4.el9_6.2.src",
"product_id": "python-markdown-0:3.3.4-4.el9_6.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.3.4-4.el9_6.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-markdown-0:3.3.4-4.el9_6.2.noarch",
"product": {
"name": "python3-markdown-0:3.3.4-4.el9_6.2.noarch",
"product_id": "python3-markdown-0:3.3.4-4.el9_6.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-markdown@3.3.4-4.el9_6.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.3.4-4.el9_6.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:python-markdown-0:3.3.4-4.el9_6.2.src"
},
"product_reference": "python-markdown-0:3.3.4-4.el9_6.2.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-markdown-0:3.3.4-4.el9_6.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_6.2.noarch"
},
"product_reference": "python3-markdown-0:3.3.4-4.el9_6.2.noarch",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.6.0.Z.EUS:python-markdown-0:3.3.4-4.el9_6.2.src",
"BaseOS-9.6.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_6.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T07:36:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:python-markdown-0:3.3.4-4.el9_6.2.src",
"BaseOS-9.6.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_6.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20676"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:python-markdown-0:3.3.4-4.el9_6.2.src",
"BaseOS-9.6.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_6.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.6.0.Z.EUS:python-markdown-0:3.3.4-4.el9_6.2.src",
"BaseOS-9.6.0.Z.EUS:python3-markdown-0:3.3.4-4.el9_6.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
}
]
}
RHSA-2026:20677
Vulnerability from csaf_redhat - Published: 2026-05-26 07:07 - Updated: 2026-05-26 09:00Summary
Red Hat Security Advisory: python-markdown security update
Severity
Important
Notes
Topic: An update for python-markdown is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-markdown is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20677",
"url": "https://access.redhat.com/errata/RHSA-2026:20677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20677.json"
}
],
"title": "Red Hat Security Advisory: python-markdown security update",
"tracking": {
"current_release_date": "2026-05-26T09:00:28+00:00",
"generator": {
"date": "2026-05-26T09:00:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20677",
"initial_release_date": "2026-05-26T07:07:26+00:00",
"revision_history": [
{
"date": "2026-05-26T07:07:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T07:07:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-26T09:00:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-markdown-0:3.5.1-6.el10_0.1.src",
"product": {
"name": "python-markdown-0:3.5.1-6.el10_0.1.src",
"product_id": "python-markdown-0:3.5.1-6.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-markdown@3.5.1-6.el10_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-markdown-0:3.5.1-6.el10_0.1.noarch",
"product": {
"name": "python3-markdown-0:3.5.1-6.el10_0.1.noarch",
"product_id": "python3-markdown-0:3.5.1-6.el10_0.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-markdown@3.5.1-6.el10_0.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-markdown-0:3.5.1-6.el10_0.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:python-markdown-0:3.5.1-6.el10_0.1.src"
},
"product_reference": "python-markdown-0:3.5.1-6.el10_0.1.src",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-markdown-0:3.5.1-6.el10_0.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:python3-markdown-0:3.5.1-6.el10_0.1.noarch"
},
"product_reference": "python3-markdown-0:3.5.1-6.el10_0.1.noarch",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-10.0.Z.E2S:python-markdown-0:3.5.1-6.el10_0.1.src",
"BaseOS-10.0.Z.E2S:python3-markdown-0:3.5.1-6.el10_0.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T07:07:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-10.0.Z.E2S:python-markdown-0:3.5.1-6.el10_0.1.src",
"BaseOS-10.0.Z.E2S:python3-markdown-0:3.5.1-6.el10_0.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20677"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"BaseOS-10.0.Z.E2S:python-markdown-0:3.5.1-6.el10_0.1.src",
"BaseOS-10.0.Z.E2S:python3-markdown-0:3.5.1-6.el10_0.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-10.0.Z.E2S:python-markdown-0:3.5.1-6.el10_0.1.src",
"BaseOS-10.0.Z.E2S:python3-markdown-0:3.5.1-6.el10_0.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
}
]
}
RHSA-2026:9742
Vulnerability from csaf_redhat - Published: 2026-04-22 14:56 - Updated: 2026-06-16 03:09Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release.
Severity
Critical
Notes
Topic: Red Hat Developer Hub 1.8.6 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
7.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Threats
Impact
Important
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Threats
Impact
Critical
A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.
8.6 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Threats
Impact
Important
References
228 references
Acknowledgments
Thibault Guittet
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.8.6 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9742",
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69534",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1525",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26996",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27601",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29186",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3118",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39983",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2288",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2288"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2947",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2947"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2972",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2972"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12327",
"url": "https://issues.redhat.com/browse/RHIDP-12327"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12388",
"url": "https://issues.redhat.com/browse/RHIDP-12388"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12419",
"url": "https://issues.redhat.com/browse/RHIDP-12419"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12511",
"url": "https://issues.redhat.com/browse/RHIDP-12511"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12568",
"url": "https://issues.redhat.com/browse/RHIDP-12568"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12647",
"url": "https://issues.redhat.com/browse/RHIDP-12647"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12650",
"url": "https://issues.redhat.com/browse/RHIDP-12650"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12655",
"url": "https://issues.redhat.com/browse/RHIDP-12655"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12666",
"url": "https://issues.redhat.com/browse/RHIDP-12666"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12686",
"url": "https://issues.redhat.com/browse/RHIDP-12686"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12784",
"url": "https://issues.redhat.com/browse/RHIDP-12784"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12880",
"url": "https://issues.redhat.com/browse/RHIDP-12880"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12887",
"url": "https://issues.redhat.com/browse/RHIDP-12887"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12921",
"url": "https://issues.redhat.com/browse/RHIDP-12921"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12930",
"url": "https://issues.redhat.com/browse/RHIDP-12930"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12996",
"url": "https://issues.redhat.com/browse/RHIDP-12996"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13105",
"url": "https://issues.redhat.com/browse/RHIDP-13105"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13107",
"url": "https://issues.redhat.com/browse/RHIDP-13107"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13130",
"url": "https://issues.redhat.com/browse/RHIDP-13130"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13180",
"url": "https://issues.redhat.com/browse/RHIDP-13180"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13182",
"url": "https://issues.redhat.com/browse/RHIDP-13182"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13185",
"url": "https://issues.redhat.com/browse/RHIDP-13185"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9742.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release.",
"tracking": {
"current_release_date": "2026-06-16T03:09:55+00:00",
"generator": {
"date": "2026-06-16T03:09:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:9742",
"initial_release_date": "2026-04-22T14:56:38+00:00",
"revision_history": [
{
"date": "2026-04-22T14:56:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T14:56:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T03:09:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.8",
"product": {
"name": "Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3Abb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776784286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3Af09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776783947"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3Ab40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776787729"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"acknowledgments": [
{
"names": [
"Thibault Guittet"
]
}
],
"cve": "CVE-2026-3118",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-24T12:08:42.955000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442273"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact vulnerability in the Orchestrator Plugin of Red Hat Developer Hub (Backstage) allows an authenticated attacker to cause a platform-wide Denial of Service. By injecting specially crafted input into GraphQL API requests, an attacker can disrupt backend query processing, leading to the application crashing and restarting. This issue temporarily prevents legitimate users from accessing the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "RHBZ#2442273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3118",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118"
}
],
"release_date": "2026-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27601",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-03T23:01:58.011378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "RHBZ#2444247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
"url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
"url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
"url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
}
],
"release_date": "2026-03-03T22:38:38.955000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-29186",
"cwe": {
"id": "CWE-791",
"name": "Incomplete Filtering of Special Elements"
},
"discovery_date": "2026-03-07T16:01:40.949207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs commit access to a repository that Backstage is configured to track and build in order to introduce a malicious mkdocs.yml file into the TechDocs build pipeline. Additionally, an attacker can execute arbitrary Python code but the payload is confined by the permissions granted to the TechDocs build process which is typically a restricted service account, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "RHBZ#2445480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
}
],
"release_date": "2026-03-07T15:03:51.422000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, enable docker isolation by updating the Backstage configuration to use \u0027runIn: docker\u0027 instead of \u0027runIn: local\u0027, confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33228",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-21T00:01:43.424803+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "RHBZ#2449872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
"url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
"url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
}
],
"release_date": "2026-03-20T23:06:48.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
},
{
"cve": "CVE-2026-33891",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-27T21:01:34.410210+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "RHBZ#2452450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
}
],
"release_date": "2026-03-27T20:43:37.725000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-33895",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:18.484291+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452457"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "RHBZ#2452457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
"url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
"url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
}
],
"release_date": "2026-03-27T20:47:54.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
},
{
"cve": "CVE-2026-33896",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-27T21:02:22.762233+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "RHBZ#2452458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
"url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
}
],
"release_date": "2026-03-27T20:50:03.418000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
},
{
"cve": "CVE-2026-39983",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-04-09T18:02:16.209487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "RHBZ#2456971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b",
"url": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1",
"url": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q",
"url": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q"
}
],
"release_date": "2026-04-09T17:05:46.228000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…