{"advisories":[{"schema_version":"1.7.0","id":"RLSA-2026:8474","modified":"2026-04-20T00:09:51.762056Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 9.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime 9.0.15.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"dotnet9.0","purl":"pkg:rpm/rocky-linux/dotnet9.0?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.0.116-1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8474"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8510","modified":"2026-04-20T00:09:51.814703Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-4424","CVE-2026-5121"],"summary":"Important: libarchive security update","details":"The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424)\n\n* libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing (CVE-2026-5121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"libarchive","purl":"pkg:rpm/rocky-linux/libarchive?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.5.3-9.el9_7"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8510"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449006"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452945"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8459","modified":"2026-04-20T00:09:51.554604Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-33416","CVE-2026-33636","CVE-2026-5731","CVE-2026-5732","CVE-2026-5734"],"summary":"Important: thunderbird security update","details":"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)\n\n* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5734)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5731)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component (CVE-2026-5732)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"thunderbird","purl":"pkg:rpm/rocky-linux/thunderbird?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.9.1-1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8459"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451805"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451819"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8457","modified":"2026-04-20T00:09:51.604362Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-33983","CVE-2026-33984"],"summary":"Important: freerdp security update","details":"FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data (CVE-2026-33984)\n\n* FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages (CVE-2026-33983)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"freerdp","purl":"pkg:rpm/rocky-linux/freerdp?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.11.7-1.el9_7.6"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8457"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453219"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453220"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8471","modified":"2026-04-20T00:09:51.709002Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 10.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.106 and .NET Runtime 10.0.6.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"dotnet10.0","purl":"pkg:rpm/rocky-linux/dotnet10.0?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.106-1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8471"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8469","modified":"2026-04-20T00:09:51.653159Z","published":"2026-04-19T00:04:03.622890Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 8.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.126 and .NET Runtime 8.0.26.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"dotnet8.0","purl":"pkg:rpm/rocky-linux/dotnet8.0?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.0.126-1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8469"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8470","modified":"2026-04-20T00:09:53.459236Z","published":"2026-04-18T12:07:14.765683Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 8.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.126 and .NET Runtime 8.0.26.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"dotnet8.0","purl":"pkg:rpm/rocky-linux/dotnet8.0?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.0.126-1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8470"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8467","modified":"2026-04-20T00:09:53.583154Z","published":"2026-04-18T12:07:14.765683Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 10.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.106 and .NET Runtime 10.0.6.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"dotnet10.0","purl":"pkg:rpm/rocky-linux/dotnet10.0?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.106-1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8467"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8458","modified":"2026-04-20T00:09:53.399653Z","published":"2026-04-18T12:07:14.765683Z","upstream":["CVE-2026-33983","CVE-2026-33984"],"summary":"Important: freerdp security update","details":"FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data (CVE-2026-33984)\n\n* FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages (CVE-2026-33983)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"freerdp","purl":"pkg:rpm/rocky-linux/freerdp?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:3.10.3-5.el10_1.6"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8458"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453220"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453219"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8472","modified":"2026-04-20T00:09:53.520777Z","published":"2026-04-18T12:07:14.765683Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 9.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime 9.0.15.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"dotnet9.0","purl":"pkg:rpm/rocky-linux/dotnet9.0?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.0.116-1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8472"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8492","modified":"2026-04-20T00:09:53.649408Z","published":"2026-04-18T12:07:14.765683Z","upstream":["CVE-2026-4424"],"summary":"Important: libarchive security update","details":"The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"libarchive","purl":"pkg:rpm/rocky-linux/libarchive?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.7.7-8.el10_1"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8492"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449006"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8468","modified":"2026-04-20T00:09:49.325174Z","published":"2026-04-18T12:01:11.830950Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 8.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK SDK_VERSION and .NET Runtime RUNTIME_VERSION.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"dotnet8.0","purl":"pkg:rpm/rocky-linux/dotnet8.0?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.0.126-1.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8468"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8473","modified":"2026-04-20T00:09:49.442753Z","published":"2026-04-18T12:01:11.830950Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 10.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.106 and .NET Runtime 10.0.6.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"dotnet10.0","purl":"pkg:rpm/rocky-linux/dotnet10.0?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.106-1.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8473"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8475","modified":"2026-04-20T00:09:49.382072Z","published":"2026-04-18T12:01:11.830950Z","upstream":["CVE-2026-26171","CVE-2026-32178","CVE-2026-32203","CVE-2026-33116"],"summary":"Important: .NET 9.0 security update","details":".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime 9.0.15.Security Fix(es):\n\n* dotnet: .NET: Security Bypass and Denial of Service Vulnerability (CVE-2026-26171)\n\n* dotnet: .NET: Denial of Service via stack overflow (CVE-2026-32203)\n\n* dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform (CVE-2026-33116)\n\n* dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw (CVE-2026-32178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"dotnet9.0","purl":"pkg:rpm/rocky-linux/dotnet9.0?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:9.0.116-1.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8475"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457781"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8534","modified":"2026-04-20T00:09:40.431520Z","published":"2026-04-18T12:00:50.829789Z","upstream":["CVE-2026-4424","CVE-2026-5121"],"summary":"Important: libarchive security update","details":"The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424)\n\n* libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing (CVE-2026-5121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"libarchive","purl":"pkg:rpm/rocky-linux/libarchive?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.3-7.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8534"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449006"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452945"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8352","modified":"2026-04-20T00:09:40.386680Z","published":"2026-04-18T12:00:50.829789Z","upstream":["CVE-2026-1519"],"summary":"Important: bind security update","details":"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"bind","purl":"pkg:rpm/rocky-linux/bind?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.11.36-16.el8_10.7"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8352"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8312","modified":"2026-04-20T00:09:53.330053Z","published":"2026-04-16T18:06:57.072014Z","upstream":["CVE-2026-1519"],"summary":"Important: bind security update","details":"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"bind","purl":"pkg:rpm/rocky-linux/bind?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.18.33-10.el10_1.3"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8312"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7682","modified":"2026-04-20T00:09:53.087103Z","published":"2026-04-16T18:06:57.072014Z","upstream":["CVE-2026-27622"],"summary":"Important: openexr security update","details":"OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format.  This package containes the binaries for OpenEXR.\n\nSecurity Fix(es):\n\n* openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing (CVE-2026-27622)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"openexr","purl":"pkg:rpm/rocky-linux/openexr?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.10-8.el10_1.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7682"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444251"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8259","modified":"2026-04-20T00:09:51.500884Z","published":"2026-04-16T12:01:52.426217Z","upstream":["CVE-2026-28417","CVE-2026-28421","CVE-2026-33412"],"summary":"Important: vim security update","details":"Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin (CVE-2026-28417)\n\n* vim: Vim: Denial of service and information disclosure via crafted swap file (CVE-2026-28421)\n\n* vim: Vim: Arbitrary code execution via command injection in glob() function (CVE-2026-33412)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"vim","purl":"pkg:rpm/rocky-linux/vim?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.2.2637-23.el9_7.2"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8259"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443455"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443474"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450907"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8093","modified":"2026-04-20T00:09:49.478838Z","published":"2026-04-16T12:00:37.623432Z","upstream":["CVE-2026-31958"],"summary":"Moderate: pcs security update","details":"The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* tornado-python: Tornado: Denial of Service via large multipart bodies (CVE-2026-31958)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"pcs","purl":"pkg:rpm/rocky-linux/pcs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.10.18-2.el8_10.9"}],"database_specific":{"yum_repository":"HighAvailability"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8093"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446765"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8052","modified":"2026-04-20T00:09:43.374181Z","published":"2026-04-16T12:00:34.288576Z","upstream":["CVE-2026-33416","CVE-2026-33636","CVE-2026-5731","CVE-2026-5732","CVE-2026-5734"],"summary":"Important: firefox security update","details":"Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nSecurity Fix(es):\n\n* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)\n\n* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5734)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5731)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component (CVE-2026-5732)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"firefox","purl":"pkg:rpm/rocky-linux/firefox?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.9.1-1.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451805"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451819"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7667","modified":"2026-04-20T00:09:40.330654Z","published":"2026-04-16T12:00:20.090518Z","upstream":["CVE-2026-27135"],"summary":"Important: nghttp2 security update","details":"libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.\n\nSecurity Fix(es):\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"nghttp2","purl":"pkg:rpm/rocky-linux/nghttp2?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.33.0-6.el8_10.2"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7667"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8339","modified":"2026-04-20T00:09:49.267308Z","published":"2026-04-16T00:01:17.370160Z","upstream":["CVE-2026-21710","CVE-2026-26996","CVE-2026-27135","CVE-2026-27904"],"summary":"Important: nodejs:20 security update","details":"Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1924+614dc87f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1935+d3cbe60f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1666+930e28e8"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1667+4a788d89"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1989+e60144d9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1988+437f3d23"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.9.0+1760+903d54b9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1823+b5789597"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el8.10.0+1824+532140ee"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-packaging","purl":"pkg:rpm/rocky-linux/nodejs-packaging?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2021.06-6.module+el8.10.0+40048+6d99f608"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs","purl":"pkg:rpm/rocky-linux/nodejs?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:20.20.2-1.module+el8.10.0+40157+368015a6"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8339"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442922"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8317","modified":"2026-04-20T00:09:48.943818Z","published":"2026-04-16T00:01:17.370160Z","upstream":["CVE-2026-32748","CVE-2026-33526"],"summary":"Important: squid:4 security update","details":"Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling (CVE-2026-33526)\n\n* Squid: Squid: Denial of Service via crafted ICP traffic (CVE-2026-32748)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"libecap","purl":"pkg:rpm/rocky-linux/libecap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-2.module+el8.9.0+1437+df5ea8f0"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+1928+e8441768.5"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+1985+eaf982f0.6"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+1885+e30b7122.3"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+2080+49064dbd.9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+1758+80ba9f4b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+1881+7e31fb44.1"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:4.15-10.module+el8.10.0+40156+3f7c6af1.11"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8317"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451574"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451577"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7675","modified":"2026-04-20T00:09:53.039768Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-1525","CVE-2026-1526","CVE-2026-1527","CVE-2026-1528","CVE-2026-21637","CVE-2026-21710","CVE-2026-21711","CVE-2026-21712","CVE-2026-21713","CVE-2026-21714","CVE-2026-21715","CVE-2026-21716","CVE-2026-21717","CVE-2026-2229","CVE-2026-25547","CVE-2026-2581","CVE-2026-26996","CVE-2026-27135"],"summary":"Important: nodejs24 security update","details":"Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* nodejs: Nodejs denial of service (CVE-2026-21637)\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)\n\n* undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\n* Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions (CVE-2026-21715)\n\n* nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)\n\n* Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)\n\n* Node.js: Node.js: Information disclosure via timing oracle in HMAC verification (CVE-2026-21713)\n\n* Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames (CVE-2026-21714)\n\n* nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions (CVE-2026-21717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nodejs24","purl":"pkg:rpm/rocky-linux/nodejs24?distro=rocky-linux-10&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:24.14.1-2.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7675"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453162"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447142"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453160"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447144"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447140"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453161"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436942"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447141"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447143"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431340"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447145"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7711","modified":"2026-04-20T00:09:53.152334Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-28417","CVE-2026-28421","CVE-2026-33412"],"summary":"Important: vim security update","details":"Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin (CVE-2026-28417)\n\n* vim: Vim: Denial of service and information disclosure via crafted swap file (CVE-2026-28421)\n\n* vim: Vim: Arbitrary code execution via command injection in glob() function (CVE-2026-33412)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"vim","purl":"pkg:rpm/rocky-linux/vim?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.1.083-6.el10_1.3"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7711"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450907"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443474"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443455"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7992","modified":"2026-04-20T00:09:53.210706Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-25679"],"summary":"Important: golang-github-openprinting-ipp-usb security update","details":"HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables\n driverless support for USB devices capable of using IPP-over-USB protocol.\n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"golang-github-openprinting-ipp-usb","purl":"pkg:rpm/rocky-linux/golang-github-openprinting-ipp-usb?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.9.27-5.el10_1.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7992"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7666","modified":"2026-04-20T00:09:52.884133Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-27135"],"summary":"Important: nghttp2 security update","details":"libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.\n\nSecurity Fix(es):\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nghttp2","purl":"pkg:rpm/rocky-linux/nghttp2?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.64.0-2.el10_1.1"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7666"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7680","modified":"2026-04-20T00:09:52.977247Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2006-10002","CVE-2006-10003"],"summary":"Important: perl-XML-Parser security update","details":"This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options may be provided when the XML::Parser object is created. These options are then passed on to the Expat object on each parse call. They can also be given as extra arguments to the parse methods, in which case they override options given at XML::Parser creation time.\n\nSecurity Fix(es):\n\n* perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files (CVE-2006-10003)\n\n* perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input (CVE-2006-10002)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"perl-XML-Parser","purl":"pkg:rpm/rocky-linux/perl-XML-Parser?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.47-6.1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448999"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449001"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7672","modified":"2026-04-20T00:09:52.929368Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-33416","CVE-2026-33636","CVE-2026-5731","CVE-2026-5732","CVE-2026-5734"],"summary":"Important: firefox security update","details":"Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nSecurity Fix(es):\n\n* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)\n\n* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5734)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5731)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component (CVE-2026-5732)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"firefox","purl":"pkg:rpm/rocky-linux/firefox?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.9.1-1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7672"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451819"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451805"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8119","modified":"2026-04-20T00:09:53.266858Z","published":"2026-04-15T12:07:10.074197Z","upstream":["CVE-2026-32748","CVE-2026-33526"],"summary":"Important: squid security update","details":"Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects.\n\nSecurity Fix(es):\n\n* squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling (CVE-2026-33526)\n\n* Squid: Squid: Denial of Service via crafted ICP traffic (CVE-2026-32748)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"squid","purl":"pkg:rpm/rocky-linux/squid?distro=rocky-linux-10&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:6.10-6.el10_1.3"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8119"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451574"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451577"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7668","modified":"2026-04-20T00:09:51.896737Z","published":"2026-04-15T12:04:13.822989Z","upstream":["CVE-2026-27135"],"summary":"Important: nghttp2 security update","details":"libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C.\n\nSecurity Fix(es):\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"nghttp2","purl":"pkg:rpm/rocky-linux/nghttp2?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.43.0-6.el9_7.1"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7668"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8075","modified":"2026-04-20T00:09:51.450534Z","published":"2026-04-15T12:03:53.750171Z","upstream":["CVE-2026-1519"],"summary":"Important: bind security update","details":"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"bind","purl":"pkg:rpm/rocky-linux/bind?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.16.23-34.el9_7.2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7671","modified":"2026-04-20T00:09:51.194161Z","published":"2026-04-15T12:03:53.750171Z","upstream":["CVE-2026-33416","CVE-2026-33636","CVE-2026-5731","CVE-2026-5732","CVE-2026-5734"],"summary":"Important: firefox security update","details":"Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nSecurity Fix(es):\n\n* libpng: libpng: Arbitrary code execution due to use-after-free vulnerability (CVE-2026-33416)\n\n* libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion (CVE-2026-33636)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5734)\n\n* thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2 (CVE-2026-5731)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component (CVE-2026-5732)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"firefox","purl":"pkg:rpm/rocky-linux/firefox?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.9.1-1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7671"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451805"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451819"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455908"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7679","modified":"2026-04-20T00:09:51.239339Z","published":"2026-04-15T12:03:53.750171Z","upstream":["CVE-2006-10002","CVE-2006-10003"],"summary":"Important: perl-XML-Parser security update","details":"This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options may be provided when the XML::Parser object is created. These options are then passed on to the Expat object on each parse call. They can also be given as extra arguments to the parse methods, in which case they override options given at XML::Parser creation time.\n\nSecurity Fix(es):\n\n* perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files (CVE-2006-10003)\n\n* perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input (CVE-2006-10002)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"perl-XML-Parser","purl":"pkg:rpm/rocky-linux/perl-XML-Parser?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.46-9.1.el9_7"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7679"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448999"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449001"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7915","modified":"2026-04-20T00:09:51.400725Z","published":"2026-04-15T12:03:53.750171Z","upstream":["CVE-2026-1519"],"summary":"Important: bind9.18 security update","details":"BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.\n\nSecurity Fix(es):\n\n* bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"bind9.18","purl":"pkg:rpm/rocky-linux/bind9.18?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.18.29-5.el9_7.4"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7915"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8155","modified":"2026-04-20T00:09:48.519097Z","published":"2026-04-15T12:01:11.496799Z","upstream":["CVE-2026-1519"],"summary":"Important: bind9.16 security update","details":"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"bind9.16","purl":"pkg:rpm/rocky-linux/bind9.16?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.16.23-0.22.el8_10.5"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8155"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2023:7025","modified":"2026-04-20T00:09:41.090579Z","published":"2026-04-14T18:01:10.838937Z","upstream":["CVE-2021-33621","CVE-2022-28739","CVE-2023-28755","CVE-2023-28756"],"summary":"Moderate: ruby:2.5 security update","details":"Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621)\n\n* ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)\n\n* ruby: ReDoS vulnerability in URI (CVE-2023-28755)\n\n* ruby: ReDoS vulnerability in Time (CVE-2023-28756)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-mongo","purl":"pkg:rpm/rocky-linux/rubygem-mongo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.1-2.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-mysql2","purl":"pkg:rpm/rocky-linux/rubygem-mysql2?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4.10-4.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"ruby","purl":"pkg:rpm/rocky-linux/ruby?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.9-111.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-abrt","purl":"pkg:rpm/rocky-linux/rubygem-abrt?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.3.0-4.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-abrt","purl":"pkg:rpm/rocky-linux/rubygem-abrt?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.3.0-4.module+el8.5.0+738+032c9c02"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-bson","purl":"pkg:rpm/rocky-linux/rubygem-bson?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.0-2.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-bundler","purl":"pkg:rpm/rocky-linux/rubygem-bundler?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.16.1-4.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"rubygem-pg","purl":"pkg:rpm/rocky-linux/rubygem-pg?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-3.module+el8.9.0+1536+5f79634e"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2023:7025"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075687"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2149706"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184059"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184061"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:8096","modified":"2026-04-20T00:09:48.442562Z","published":"2026-04-14T18:01:10.838937Z","upstream":["CVE-2025-40909"],"summary":"Moderate: perl:5.32 security update","details":"Perl is a high-level programming language that is commonly used for system administration utilities and web programming.\n\nSecurity Fix(es):\n\n* perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Algorithm-Diff","purl":"pkg:rpm/rocky-linux/perl-Algorithm-Diff?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1903-10.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Algorithm-Diff","purl":"pkg:rpm/rocky-linux/perl-Algorithm-Diff?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1903-10.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Algorithm-Diff","purl":"pkg:rpm/rocky-linux/perl-Algorithm-Diff?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1903-10.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Archive-Tar","purl":"pkg:rpm/rocky-linux/perl-Archive-Tar?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.38-3.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Archive-Zip","purl":"pkg:rpm/rocky-linux/perl-Archive-Zip?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.68-3.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-autodie","purl":"pkg:rpm/rocky-linux/perl-autodie?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.34-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-bignum","purl":"pkg:rpm/rocky-linux/perl-bignum?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.51-439.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-bignum","purl":"pkg:rpm/rocky-linux/perl-bignum?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.51-439.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Carp","purl":"pkg:rpm/rocky-linux/perl-Carp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.50-439.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Carp","purl":"pkg:rpm/rocky-linux/perl-Carp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.50-439.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Compress-Bzip2","purl":"pkg:rpm/rocky-linux/perl-Compress-Bzip2?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.28-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Compress-Raw-Bzip2","purl":"pkg:rpm/rocky-linux/perl-Compress-Raw-Bzip2?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.096-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Compress-Raw-Lzma","purl":"pkg:rpm/rocky-linux/perl-Compress-Raw-Lzma?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.096-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Compress-Raw-Zlib","purl":"pkg:rpm/rocky-linux/perl-Compress-Raw-Zlib?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.096-2.module+el8.10.0+1753+8441f55f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Config-Perl-V","purl":"pkg:rpm/rocky-linux/perl-Config-Perl-V?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.32-441.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Config-Perl-V","purl":"pkg:rpm/rocky-linux/perl-Config-Perl-V?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.32-441.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-constant","purl":"pkg:rpm/rocky-linux/perl-constant?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.33-1001.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-constant","purl":"pkg:rpm/rocky-linux/perl-constant?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.33-1001.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-constant","purl":"pkg:rpm/rocky-linux/perl-constant?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.33-1001.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN","purl":"pkg:rpm/rocky-linux/perl-CPAN?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.28-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.10.0+1890+281b551b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.10.0+1890+318cbfb5"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.9.0+1491+219f8fe7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.9.0+1491+a1bcd037"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.9.0+1491+3507a112"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-DistnameInfo","purl":"pkg:rpm/rocky-linux/perl-CPAN-DistnameInfo?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-13.module+el8.10.0+1890+1072d5cf"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.150010-397.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.150010-397.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.150010-397.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-Requirements","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-Requirements?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.140-397.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-Requirements","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-Requirements?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.140-397.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-Requirements","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-Requirements?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.140-397.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-YAML","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-YAML?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.018-1001.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-YAML","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-YAML?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.018-1001.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-CPAN-Meta-YAML","purl":"pkg:rpm/rocky-linux/perl-CPAN-Meta-YAML?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.018-1001.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-Dumper","purl":"pkg:rpm/rocky-linux/perl-Data-Dumper?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.174-440.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-Dumper","purl":"pkg:rpm/rocky-linux/perl-Data-Dumper?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.174-440.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-OptList","purl":"pkg:rpm/rocky-linux/perl-Data-OptList?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.110-7.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-OptList","purl":"pkg:rpm/rocky-linux/perl-Data-OptList?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.110-7.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-OptList","purl":"pkg:rpm/rocky-linux/perl-Data-OptList?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.110-7.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-Section","purl":"pkg:rpm/rocky-linux/perl-Data-Section?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.200007-8.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Data-Section","purl":"pkg:rpm/rocky-linux/perl-Data-Section?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.200007-8.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-DB_File","purl":"pkg:rpm/rocky-linux/perl-DB_File?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.855-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Devel-PPPort","purl":"pkg:rpm/rocky-linux/perl-Devel-PPPort?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.62-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Devel-Size","purl":"pkg:rpm/rocky-linux/perl-Devel-Size?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.83-3.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Devel-Size","purl":"pkg:rpm/rocky-linux/perl-Devel-Size?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.83-3.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Digest","purl":"pkg:rpm/rocky-linux/perl-Digest?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.20-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Digest-MD5","purl":"pkg:rpm/rocky-linux/perl-Digest-MD5?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.58-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Digest-SHA","purl":"pkg:rpm/rocky-linux/perl-Digest-SHA?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.02-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Digest-SHA","purl":"pkg:rpm/rocky-linux/perl-Digest-SHA?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.02-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Digest-SHA","purl":"pkg:rpm/rocky-linux/perl-Digest-SHA?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.02-2.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode","purl":"pkg:rpm/rocky-linux/perl-Encode?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:3.08-461.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode-Locale","purl":"pkg:rpm/rocky-linux/perl-Encode-Locale?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.05-10.module+el8.9.0+1521+faf8d1d6"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode-Locale","purl":"pkg:rpm/rocky-linux/perl-Encode-Locale?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.05-10.module+el8.9.0+1521+b0a37ee7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode-Locale","purl":"pkg:rpm/rocky-linux/perl-Encode-Locale?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.05-10.module+el8.9.0+1521+ec157587"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode-Locale","purl":"pkg:rpm/rocky-linux/perl-Encode-Locale?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.05-10.module+el8.9.0+1521+0101edce"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Encode-Locale","purl":"pkg:rpm/rocky-linux/perl-Encode-Locale?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.05-10.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Env","purl":"pkg:rpm/rocky-linux/perl-Env?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.04-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Env","purl":"pkg:rpm/rocky-linux/perl-Env?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.04-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Env","purl":"pkg:rpm/rocky-linux/perl-Env?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.04-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-experimental","purl":"pkg:rpm/rocky-linux/perl-experimental?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.025-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Exporter","purl":"pkg:rpm/rocky-linux/perl-Exporter?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.74-458.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-CBuilder","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-CBuilder?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.280236-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-Install","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-Install?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.20-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-MakeMaker","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-MakeMaker?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:7.46-3.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-Manifest","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-Manifest?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.73-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-ParseXS","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-ParseXS?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.40-439.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-ExtUtils-ParseXS","purl":"pkg:rpm/rocky-linux/perl-ExtUtils-ParseXS?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.40-439.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Fedora-VSP","purl":"pkg:rpm/rocky-linux/perl-Fedora-VSP?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.001-10.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Fedora-VSP","purl":"pkg:rpm/rocky-linux/perl-Fedora-VSP?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.001-10.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Fedora-VSP","purl":"pkg:rpm/rocky-linux/perl-Fedora-VSP?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.001-10.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Fetch","purl":"pkg:rpm/rocky-linux/perl-File-Fetch?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.00-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-HomeDir","purl":"pkg:rpm/rocky-linux/perl-File-HomeDir?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.004-6.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-HomeDir","purl":"pkg:rpm/rocky-linux/perl-File-HomeDir?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.004-6.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Path","purl":"pkg:rpm/rocky-linux/perl-File-Path?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.16-439.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Path","purl":"pkg:rpm/rocky-linux/perl-File-Path?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.16-439.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Temp","purl":"pkg:rpm/rocky-linux/perl-File-Temp?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.231.100-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Which","purl":"pkg:rpm/rocky-linux/perl-File-Which?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.23-4.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-File-Which","purl":"pkg:rpm/rocky-linux/perl-File-Which?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.23-4.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Filter","purl":"pkg:rpm/rocky-linux/perl-Filter?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.60-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Filter-Simple","purl":"pkg:rpm/rocky-linux/perl-Filter-Simple?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.96-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-generators","purl":"pkg:rpm/rocky-linux/perl-generators?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Getopt-Long","purl":"pkg:rpm/rocky-linux/perl-Getopt-Long?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.52-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-HTTP-Tiny","purl":"pkg:rpm/rocky-linux/perl-HTTP-Tiny?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.078-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Importer","purl":"pkg:rpm/rocky-linux/perl-Importer?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.025-6.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Importer","purl":"pkg:rpm/rocky-linux/perl-Importer?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.025-6.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-inc-latest","purl":"pkg:rpm/rocky-linux/perl-inc-latest?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:0.500-10.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-inc-latest","purl":"pkg:rpm/rocky-linux/perl-inc-latest?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:0.500-10.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-inc-latest","purl":"pkg:rpm/rocky-linux/perl-inc-latest?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:0.500-10.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IO-Compress","purl":"pkg:rpm/rocky-linux/perl-IO-Compress?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.096-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IO-Compress-Lzma","purl":"pkg:rpm/rocky-linux/perl-IO-Compress-Lzma?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.096-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IO-Socket-IP","purl":"pkg:rpm/rocky-linux/perl-IO-Socket-IP?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.41-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IPC-Cmd","purl":"pkg:rpm/rocky-linux/perl-IPC-Cmd?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.04-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IPC-Cmd","purl":"pkg:rpm/rocky-linux/perl-IPC-Cmd?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.04-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IPC-System-Simple","purl":"pkg:rpm/rocky-linux/perl-IPC-System-Simple?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.30-3.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-IPC-SysV","purl":"pkg:rpm/rocky-linux/perl-IPC-SysV?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.09-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-JSON-PP","purl":"pkg:rpm/rocky-linux/perl-JSON-PP?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.04-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-JSON-PP","purl":"pkg:rpm/rocky-linux/perl-JSON-PP?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.04-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-libnet","purl":"pkg:rpm/rocky-linux/perl-libnet?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.13-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Locale-Maketext","purl":"pkg:rpm/rocky-linux/perl-Locale-Maketext?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.29-440.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Locale-Maketext","purl":"pkg:rpm/rocky-linux/perl-Locale-Maketext?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.29-440.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-local-lib","purl":"pkg:rpm/rocky-linux/perl-local-lib?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.000024-7.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-local-lib","purl":"pkg:rpm/rocky-linux/perl-local-lib?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.000024-7.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigInt","purl":"pkg:rpm/rocky-linux/perl-Math-BigInt?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.9998.18-1.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigInt","purl":"pkg:rpm/rocky-linux/perl-Math-BigInt?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.9998.18-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigInt-FastCalc","purl":"pkg:rpm/rocky-linux/perl-Math-BigInt-FastCalc?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.500.900-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigInt-FastCalc","purl":"pkg:rpm/rocky-linux/perl-Math-BigInt-FastCalc?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.500.900-1.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigRat","purl":"pkg:rpm/rocky-linux/perl-Math-BigRat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2614-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigRat","purl":"pkg:rpm/rocky-linux/perl-Math-BigRat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2614-2.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Math-BigRat","purl":"pkg:rpm/rocky-linux/perl-Math-BigRat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2614-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MIME-Base64","purl":"pkg:rpm/rocky-linux/perl-MIME-Base64?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.15-1001.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MIME-Base64","purl":"pkg:rpm/rocky-linux/perl-MIME-Base64?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.15-1001.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MIME-Base64","purl":"pkg:rpm/rocky-linux/perl-MIME-Base64?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.15-1001.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-Build","purl":"pkg:rpm/rocky-linux/perl-Module-Build?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:0.42.31-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-CoreList","purl":"pkg:rpm/rocky-linux/perl-Module-CoreList?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:5.20211020-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-Load","purl":"pkg:rpm/rocky-linux/perl-Module-Load?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.36-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-Load-Conditional","purl":"pkg:rpm/rocky-linux/perl-Module-Load-Conditional?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.74-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-Metadata","purl":"pkg:rpm/rocky-linux/perl-Module-Metadata?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.000037-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Module-Metadata","purl":"pkg:rpm/rocky-linux/perl-Module-Metadata?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.000037-1.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MRO-Compat","purl":"pkg:rpm/rocky-linux/perl-MRO-Compat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.13-5.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MRO-Compat","purl":"pkg:rpm/rocky-linux/perl-MRO-Compat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.13-5.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-MRO-Compat","purl":"pkg:rpm/rocky-linux/perl-MRO-Compat?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.13-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Object-HashBase","purl":"pkg:rpm/rocky-linux/perl-Object-HashBase?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.009-4.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Package-Generator","purl":"pkg:rpm/rocky-linux/perl-Package-Generator?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.106-12.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Package-Generator","purl":"pkg:rpm/rocky-linux/perl-Package-Generator?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.106-12.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Package-Generator","purl":"pkg:rpm/rocky-linux/perl-Package-Generator?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.106-12.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Params-Check","purl":"pkg:rpm/rocky-linux/perl-Params-Check?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.38-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Params-Check","purl":"pkg:rpm/rocky-linux/perl-Params-Check?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.38-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Params-Check","purl":"pkg:rpm/rocky-linux/perl-Params-Check?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.38-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Params-Util","purl":"pkg:rpm/rocky-linux/perl-Params-Util?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.102-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-parent","purl":"pkg:rpm/rocky-linux/perl-parent?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.238-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-PathTools","purl":"pkg:rpm/rocky-linux/perl-PathTools?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.78-439.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-PathTools","purl":"pkg:rpm/rocky-linux/perl-PathTools?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.78-439.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-perlfaq","purl":"pkg:rpm/rocky-linux/perl-perlfaq?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.20210520-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-PerlIO-via-QuotedPrint","purl":"pkg:rpm/rocky-linux/perl-PerlIO-via-QuotedPrint?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.09-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Perl-OSType","purl":"pkg:rpm/rocky-linux/perl-Perl-OSType?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.010-397.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Perl-OSType","purl":"pkg:rpm/rocky-linux/perl-Perl-OSType?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.010-397.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Perl-OSType","purl":"pkg:rpm/rocky-linux/perl-Perl-OSType?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.010-397.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Checker","purl":"pkg:rpm/rocky-linux/perl-Pod-Checker?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:1.74-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Escapes","purl":"pkg:rpm/rocky-linux/perl-Pod-Escapes?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.07-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Escapes","purl":"pkg:rpm/rocky-linux/perl-Pod-Escapes?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.07-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Escapes","purl":"pkg:rpm/rocky-linux/perl-Pod-Escapes?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.07-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-podlators","purl":"pkg:rpm/rocky-linux/perl-podlators?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.14-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Parser","purl":"pkg:rpm/rocky-linux/perl-Pod-Parser?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.63-1001.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Parser","purl":"pkg:rpm/rocky-linux/perl-Pod-Parser?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.63-1001.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Parser","purl":"pkg:rpm/rocky-linux/perl-Pod-Parser?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.63-1001.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Perldoc","purl":"pkg:rpm/rocky-linux/perl-Pod-Perldoc?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.28.01-443.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Simple","purl":"pkg:rpm/rocky-linux/perl-Pod-Simple?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.42-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Pod-Usage","purl":"pkg:rpm/rocky-linux/perl-Pod-Usage?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:2.01-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Scalar-List-Utils","purl":"pkg:rpm/rocky-linux/perl-Scalar-List-Utils?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:1.55-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Socket","purl":"pkg:rpm/rocky-linux/perl-Socket?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:2.031-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Software-License","purl":"pkg:rpm/rocky-linux/perl-Software-License?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.103014-5.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Software-License","purl":"pkg:rpm/rocky-linux/perl-Software-License?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.103014-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Storable","purl":"pkg:rpm/rocky-linux/perl-Storable?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.21-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sub-Exporter","purl":"pkg:rpm/rocky-linux/perl-Sub-Exporter?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.987-17.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sub-Install","purl":"pkg:rpm/rocky-linux/perl-Sub-Install?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.928-15.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sub-Install","purl":"pkg:rpm/rocky-linux/perl-Sub-Install?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.928-15.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sub-Install","purl":"pkg:rpm/rocky-linux/perl-Sub-Install?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.928-15.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sys-Syslog","purl":"pkg:rpm/rocky-linux/perl-Sys-Syslog?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.36-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Sys-Syslog","purl":"pkg:rpm/rocky-linux/perl-Sys-Syslog?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.36-1.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-ANSIColor","purl":"pkg:rpm/rocky-linux/perl-Term-ANSIColor?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.01-458.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-Cap","purl":"pkg:rpm/rocky-linux/perl-Term-Cap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.17-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-Cap","purl":"pkg:rpm/rocky-linux/perl-Term-Cap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.17-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-Cap","purl":"pkg:rpm/rocky-linux/perl-Term-Cap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.17-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-Table","purl":"pkg:rpm/rocky-linux/perl-Term-Table?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.015-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Term-Table","purl":"pkg:rpm/rocky-linux/perl-Term-Table?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.015-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Test-Harness","purl":"pkg:rpm/rocky-linux/perl-Test-Harness?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.42-2.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Test-Harness","purl":"pkg:rpm/rocky-linux/perl-Test-Harness?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.42-2.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Test-Harness","purl":"pkg:rpm/rocky-linux/perl-Test-Harness?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.42-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Test-Simple","purl":"pkg:rpm/rocky-linux/perl-Test-Simple?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:1.302181-2.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Balanced","purl":"pkg:rpm/rocky-linux/perl-Text-Balanced?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.04-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Diff","purl":"pkg:rpm/rocky-linux/perl-Text-Diff?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.45-7.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Diff","purl":"pkg:rpm/rocky-linux/perl-Text-Diff?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.45-7.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Glob","purl":"pkg:rpm/rocky-linux/perl-Text-Glob?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.11-5.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Glob","purl":"pkg:rpm/rocky-linux/perl-Text-Glob?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.11-5.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Glob","purl":"pkg:rpm/rocky-linux/perl-Text-Glob?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.11-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-ParseWords","purl":"pkg:rpm/rocky-linux/perl-Text-ParseWords?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.30-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-ParseWords","purl":"pkg:rpm/rocky-linux/perl-Text-ParseWords?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.30-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-ParseWords","purl":"pkg:rpm/rocky-linux/perl-Text-ParseWords?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.30-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Tabs+Wrap","purl":"pkg:rpm/rocky-linux/perl-Text-Tabs+Wrap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2013.0523-396.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Tabs+Wrap","purl":"pkg:rpm/rocky-linux/perl-Text-Tabs+Wrap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2013.0523-396.module+el8.6.0+882+2fa1e48f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Tabs+Wrap","purl":"pkg:rpm/rocky-linux/perl-Text-Tabs+Wrap?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2013.0523-396.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Template","purl":"pkg:rpm/rocky-linux/perl-Text-Template?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.58-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Text-Template","purl":"pkg:rpm/rocky-linux/perl-Text-Template?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.58-1.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Thread-Queue","purl":"pkg:rpm/rocky-linux/perl-Thread-Queue?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.14-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-threads","purl":"pkg:rpm/rocky-linux/perl-threads?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.25-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-threads-shared","purl":"pkg:rpm/rocky-linux/perl-threads-shared?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.61-457.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Time-HiRes","purl":"pkg:rpm/rocky-linux/perl-Time-HiRes?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:1.9764-459.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Time-Local","purl":"pkg:rpm/rocky-linux/perl-Time-Local?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.300-4.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Unicode-Collate","purl":"pkg:rpm/rocky-linux/perl-Unicode-Collate?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.29-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-Unicode-Normalize","purl":"pkg:rpm/rocky-linux/perl-Unicode-Normalize?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.27-458.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-URI","purl":"pkg:rpm/rocky-linux/perl-URI?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.76-5.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-URI","purl":"pkg:rpm/rocky-linux/perl-URI?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.76-5.module+el8.6.0+878+f93dfff7"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"perl-version","purl":"pkg:rpm/rocky-linux/perl-version?distro=rocky-linux-8&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:0.99.29-1.module+el8.10.0+1616+0d20cc68"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:8096"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369407"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7677","modified":"2026-04-20T00:09:49.617912Z","published":"2026-04-14T12:01:52.852600Z","upstream":["CVE-2025-15269","CVE-2025-15270","CVE-2025-15275","CVE-2025-15279"],"summary":"Important: fontforge security update","details":"FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. \n\nSecurity Fix(es):\n\n* fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing (CVE-2025-15279)\n\n* fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing (CVE-2025-15269)\n\n* fontforge: FontForge: Arbitrary code execution via SFD file parsing buffer overflow (CVE-2025-15275)\n\n* fontforge: FontForge: Remote Code Execution via malicious SFD file parsing (CVE-2025-15270)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"fontforge","purl":"pkg:rpm/rocky-linux/fontforge?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20200314-7.el8_10"}],"database_specific":{"yum_repository":"PowerTools"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7677"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426429"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426434"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7681","modified":"2026-04-20T00:09:43.114121Z","published":"2026-04-14T12:01:12.815874Z","upstream":["CVE-2006-10002","CVE-2006-10003"],"summary":"Important: perl-XML-Parser security update","details":"This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark's expat library. Each call to one of the parsing methods creates a new instance of XML::Parser::Expat which is then used to parse the document. Expat options may be provided when the XML::Parser object is created. These options are then passed on to the Expat object on each parse call. They can also be given as extra arguments to the parse methods, in which case they override options given at XML::Parser creation time.\n\nSecurity Fix(es):\n\n* perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files (CVE-2006-10003)\n\n* perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input (CVE-2006-10002)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"perl-XML-Parser","purl":"pkg:rpm/rocky-linux/perl-XML-Parser?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.44-12.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448999"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449001"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7896","modified":"2026-04-20T00:09:51.351632Z","published":"2026-04-14T00:03:57.180146Z","upstream":["CVE-2026-21710","CVE-2026-26996","CVE-2026-27135","CVE-2026-27904"],"summary":"Important: nodejs:20 security update","details":"Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el9.7.0+40017+f0db1785"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el9.7.0+40022+9ecc286c"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el9.7.0+40018+a011993d"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-1.module+el9.7.0+40153+4d595597"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-packaging","purl":"pkg:rpm/rocky-linux/nodejs-packaging?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2021.06-6.module+el9.7.0+40052+e32ea525"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs-packaging","purl":"pkg:rpm/rocky-linux/nodejs-packaging?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2021.06-6.module+el9.7.0+40153+4d595597"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nodejs","purl":"pkg:rpm/rocky-linux/nodejs?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:20.20.2-1.module+el9.7.0+40153+4d595597"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7896"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442922"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7670","modified":"2026-04-20T00:09:43.321432Z","published":"2026-04-13T06:01:13.567166Z","upstream":["CVE-2026-1525","CVE-2026-1526","CVE-2026-1527","CVE-2026-1528","CVE-2026-21637","CVE-2026-21710","CVE-2026-21711","CVE-2026-21712","CVE-2026-21713","CVE-2026-21714","CVE-2026-21715","CVE-2026-21716","CVE-2026-21717","CVE-2026-2229","CVE-2026-2581","CVE-2026-26996","CVE-2026-27135"],"summary":"Important: nodejs:24 security update","details":"Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* nodejs: Nodejs denial of service (CVE-2026-21637)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* undici: Undici: Denial of Service due to uncontrolled resource consumption (CVE-2026-2581)\n\n* undici: Undici: HTTP header injection and request smuggling vulnerability (CVE-2026-1527)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service via malformed Internationalized Domain Name processing (CVE-2026-21712)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\n* Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions (CVE-2026-21715)\n\n* nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix. (CVE-2026-21716)\n\n* Node.js: Node.js: Unauthorized inter-process communication due to missing Unix Domain Socket permission checks (CVE-2026-21711)\n\n* Node.js: Node.js: Information disclosure via timing oracle in HMAC verification (CVE-2026-21713)\n\n* Node.js: Node.js: Memory leak and Denial of Service via crafted HTTP/2 WINDOW_UPDATE frames (CVE-2026-21714)\n\n* nodejs: v8: Node.js: Denial of Service via V8 string hashing mechanism due to predictable hash collisions (CVE-2026-21717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-nodemon","purl":"pkg:rpm/rocky-linux/nodejs-nodemon?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.3-1.module+el8.10.0+2084+ab509703"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs-packaging","purl":"pkg:rpm/rocky-linux/nodejs-packaging?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2021.06-6.module+el8.10.0+40048+6d99f608"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nodejs","purl":"pkg:rpm/rocky-linux/nodejs?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:24.14.1-2.module+el8.10.0+40152+064e9ddb"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7670"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431340"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447140"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447141"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447142"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447143"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447144"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447145"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453037"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453152"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453158"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453160"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453161"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453162"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:6632","modified":"2026-04-20T00:09:52.432727Z","published":"2026-04-12T06:07:10.449425Z","upstream":["CVE-2025-38109","CVE-2026-23144","CVE-2026-23171","CVE-2026-23191","CVE-2026-23193","CVE-2026-23204","CVE-2026-23209"],"summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service (CVE-2025-38109)\n\n* kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure (CVE-2026-23144)\n\n* kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution (CVE-2026-23171)\n\n* kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)\n\n* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)\n\n* kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)\n\n* kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.12.0-124.49.1.el10_1"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:6632"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439872"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439886"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439947"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439931"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439887"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439900"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7080","modified":"2026-04-20T00:09:52.728642Z","published":"2026-04-12T06:07:10.449425Z","upstream":["CVE-2026-1525","CVE-2026-1526","CVE-2026-1528","CVE-2026-21710","CVE-2026-2229","CVE-2026-25547","CVE-2026-26996","CVE-2026-27135","CVE-2026-27904"],"summary":"Important: nodejs22 security update","details":"Node.js is a platform built on Chrome's JavaScript runtime \\ for easily building fast, scalable network applications. \\ Node.js uses an event-driven, non-blocking I/O model that \\ makes it lightweight and efficient, perfect for data-intensive \\ real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)\n\n* minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996)\n\n* minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions (CVE-2026-27904)\n\n* undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n\n* undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n\n* undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n\n* undici: undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n\n* nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135)\n\n* Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header (CVE-2026-21710)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nodejs22","purl":"pkg:rpm/rocky-linux/nodejs22?distro=rocky-linux-10&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:22.22.2-1.el10_1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7080"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447142"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442922"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447144"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447143"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436942"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453151"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447145"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:6917","modified":"2026-04-20T00:09:42.333410Z","published":"2026-04-12T00:00:37.583002Z","upstream":["CVE-2026-3889","CVE-2026-4371","CVE-2026-4684","CVE-2026-4685","CVE-2026-4686","CVE-2026-4687","CVE-2026-4688","CVE-2026-4689","CVE-2026-4690","CVE-2026-4691","CVE-2026-4692","CVE-2026-4693","CVE-2026-4694","CVE-2026-4695","CVE-2026-4696","CVE-2026-4697","CVE-2026-4698","CVE-2026-4699","CVE-2026-4700","CVE-2026-4701","CVE-2026-4702","CVE-2026-4704","CVE-2026-4705","CVE-2026-4706","CVE-2026-4707","CVE-2026-4708","CVE-2026-4709","CVE-2026-4710","CVE-2026-4711","CVE-2026-4712","CVE-2026-4713","CVE-2026-4714","CVE-2026-4715","CVE-2026-4716","CVE-2026-4717","CVE-2026-4718","CVE-2026-4719","CVE-2026-4720","CVE-2026-4721"],"summary":"Important: thunderbird security update","details":"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-4701)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4721)\n\n* firefox: thunderbird: Privilege escalation in the Netmonitor component (CVE-2026-4717)\n\n* firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component (CVE-2026-4688)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4706)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4695)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4689)\n\n* firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-4698)\n\n* firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component (CVE-2026-4716)\n\n* firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component (CVE-2026-4684)\n\n* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4705)\n\n* firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component (CVE-2026-4715)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4685)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4714)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-4709)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4710)\n\n* firefox: thunderbird: Information disclosure in the Widget: Cocoa component (CVE-2026-4712)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4697)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4713)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4690)\n\n* firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-4711)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4686)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4708)\n\n* firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component (CVE-2026-4691)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component (CVE-2026-4699)\n\n* firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component (CVE-2026-4696)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component (CVE-2026-4693)\n\n* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4718)\n\n* firefox: thunderbird: JIT miscompilation in the JavaScript Engine component (CVE-2026-4702)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component (CVE-2026-4719)\n\n* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component (CVE-2026-4694)\n\n* firefox: thunderbird: Sandbox escape in the Responsive Design Mode component (CVE-2026-4692)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4720)\n\n* firefox: thunderbird: Mitigation bypass in the Networking: HTTP component (CVE-2026-4700)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4707)\n\n* firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component (CVE-2026-4704)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component (CVE-2026-4687)\n\n* thunderbird: Out of bounds read in IMAP parsing (CVE-2026-4371)\n\n* thunderbird: Spoofing issue in Thunderbird (CVE-2026-3889)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"thunderbird","purl":"pkg:rpm/rocky-linux/thunderbird?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:140.9.0-1.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:6917"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450710"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450711"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450712"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450713"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450714"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450715"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450718"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450719"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450720"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450721"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450722"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450723"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450724"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450725"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450726"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450727"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450728"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450729"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450730"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450732"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450733"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450735"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450738"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450739"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450740"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450742"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450744"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450746"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450747"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450748"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450751"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450752"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450755"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450756"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450757"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451001"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451006"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:6570","modified":"2026-04-20T00:09:50.409493Z","published":"2026-04-11T18:03:32.222009Z","upstream":["CVE-2025-38109","CVE-2026-23111","CVE-2026-23210","CVE-2026-23231"],"summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service (CVE-2025-38109)\n\n* kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check (CVE-2026-23111)\n\n* kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild (CVE-2026-23210)\n\n* kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-611.47.1.el9_7"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:6570"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439687"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439895"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444376"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:6572","modified":"2026-04-20T00:09:49.551592Z","published":"2026-04-11T18:01:36.134956Z","upstream":["CVE-2024-26984","CVE-2025-71238","CVE-2026-23193","CVE-2026-23231"],"summary":"Moderate: kernel-rt security update","details":"The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)\n\n* kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)\n\n* kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231)\n\n* kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"kernel-rt","purl":"pkg:rpm/rocky-linux/kernel-rt?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.117.1.rt7.458.el8_10"}],"database_specific":{"yum_repository":"NFV"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:6572"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278333"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439887"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444376"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444398"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:6571","modified":"2026-04-20T00:09:40.253684Z","published":"2026-04-11T18:00:47.350485Z","upstream":["CVE-2024-26984","CVE-2025-71238","CVE-2026-23193","CVE-2026-23231"],"summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)\n\n* kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)\n\n* kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231)\n\n* kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.117.1.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:6571"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278333"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439887"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444376"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444398"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:7342","modified":"2026-04-20T00:09:52.831187Z","published":"2026-04-11T12:07:07.893431Z","upstream":["CVE-2026-3608"],"summary":"Important: kea security update","details":"DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.\n\nSecurity Fix(es):\n\n* Kea: Kea: Denial of Service via maliciously crafted message (CVE-2026-3608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"kea","purl":"pkg:rpm/rocky-linux/kea?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.1-3.el10_1"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:7342"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451139"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}],"total":50,"page":1,"size":50,"links":{"first":"/api/v3/osv/?page=1","last":"/api/v3/osv/?page=1","self":"/api/v3/osv/"},"last_updated_at":"2026-04-20T03:59:21Z"}