{"advisories":[{"schema_version":"1.7.0","id":"RLSA-2026:36211","modified":"2026-07-14T00:07:04.325698Z","published":"2026-07-13T18:04:04.699447Z","upstream":["CVE-2026-50031"],"summary":"Moderate: freeipmi security update","details":"The freeipmi packages contain an Intelligent Platform Management Interface (IPMI) remote console and system management software based on the IPMI specification.\n\nSecurity Fix(es):\n\n* freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client (CVE-2026-50031)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"freeipmi","purl":"pkg:rpm/rocky-linux/freeipmi?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.18-1.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36211"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484296"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:38500","modified":"2026-07-14T00:07:02.918509Z","published":"2026-07-13T18:02:03.679549Z","upstream":["CVE-2025-67030"],"summary":"Important: maven:3.9 security update","details":"Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.\n\nSecurity Fix(es):\n\n* org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"aopalliance","purl":"pkg:rpm/rocky-linux/aopalliance?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-51.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"apache-commons-cli","purl":"pkg:rpm/rocky-linux/apache-commons-cli?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.0-4.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"apache-commons-codec","purl":"pkg:rpm/rocky-linux/apache-commons-codec?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.17.1-8.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"apache-commons-io","purl":"pkg:rpm/rocky-linux/apache-commons-io?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.16.1-9.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"atinject","purl":"pkg:rpm/rocky-linux/atinject?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.5-14.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"google-guice","purl":"pkg:rpm/rocky-linux/google-guice?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1.0-23.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"guava","purl":"pkg:rpm/rocky-linux/guava?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:33.3.0-5.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"httpcomponents-client","purl":"pkg:rpm/rocky-linux/httpcomponents-client?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.14-21.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"httpcomponents-core","purl":"pkg:rpm/rocky-linux/httpcomponents-core?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.16-21.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"jakarta-annotations","purl":"pkg:rpm/rocky-linux/jakarta-annotations?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.5-38.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"jansi","purl":"pkg:rpm/rocky-linux/jansi?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.1-12.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"jsr-305","purl":"pkg:rpm/rocky-linux/jsr-305?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.2-36.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"maven","purl":"pkg:rpm/rocky-linux/maven?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.9.9-13.module+el9.8.0+40095+a2161487"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"maven-resolver","purl":"pkg:rpm/rocky-linux/maven-resolver?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.9.22-6.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"maven-shared-utils","purl":"pkg:rpm/rocky-linux/maven-shared-utils?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.4.2-19.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"maven-wagon","purl":"pkg:rpm/rocky-linux/maven-wagon?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.5.3-17.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-cipher","purl":"pkg:rpm/rocky-linux/plexus-cipher?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0-25.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-classworlds","purl":"pkg:rpm/rocky-linux/plexus-classworlds?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.8.0-9.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-containers","purl":"pkg:rpm/rocky-linux/plexus-containers?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.0-10.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-interpolation","purl":"pkg:rpm/rocky-linux/plexus-interpolation?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.27-10.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-sec-dispatcher","purl":"pkg:rpm/rocky-linux/plexus-sec-dispatcher?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0-28.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"plexus-utils","purl":"pkg:rpm/rocky-linux/plexus-utils?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.5.1-17.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"sisu","purl":"pkg:rpm/rocky-linux/sisu?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:0.9.0~M3-7.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"slf4j","purl":"pkg:rpm/rocky-linux/slf4j?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.36-9.module+el9.7.0+40002+8e3c44a9"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:38500"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451409"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36210","modified":"2026-07-14T00:07:00.341928Z","published":"2026-07-13T18:02:03.679549Z","upstream":["CVE-2026-50031"],"summary":"Moderate: freeipmi security update","details":"The freeipmi packages contain an Intelligent Platform Management Interface (IPMI) remote console and system management software based on the IPMI specification.\n\nSecurity Fix(es):\n\n* freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client (CVE-2026-50031)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"freeipmi","purl":"pkg:rpm/rocky-linux/freeipmi?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.18-1.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36210"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484296"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36215","modified":"2026-07-14T00:06:53.560346Z","published":"2026-07-13T18:01:45.429329Z","upstream":["CVE-2026-45447"],"summary":"Important: compat-openssl10 security update","details":"The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1.\n\nSecurity Fix(es):\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"compat-openssl10","purl":"pkg:rpm/rocky-linux/compat-openssl10?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.0.2o-4.el8_10.3"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36215"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481898"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:38504","modified":"2026-07-14T00:06:57.621971Z","published":"2026-07-13T12:01:07.269263Z","upstream":["CVE-2026-33811","CVE-2026-39835","CVE-2026-57231"],"summary":"Important: container-tools:rhel8 security update","details":"The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)\n\n* golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n\n* podman: Podman: Information disclosure via malicious container image environment variables (CVE-2026-57231)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.1-2.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"cockpit-podman","purl":"pkg:rpm/rocky-linux/cockpit-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:84.1-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"conmon","purl":"pkg:rpm/rocky-linux/conmon?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:2.1.10-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containernetworking-plugins","purl":"pkg:rpm/rocky-linux/containernetworking-plugins?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.4.0-8.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"containers-common","purl":"pkg:rpm/rocky-linux/containers-common?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1-82.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"container-selinux","purl":"pkg:rpm/rocky-linux/container-selinux?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.229.0-3.module+el8.10.0+40223+e940a224"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"criu","purl":"pkg:rpm/rocky-linux/criu?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18-5.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"crun","purl":"pkg:rpm/rocky-linux/crun?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.14.3-2.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"fuse-overlayfs","purl":"pkg:rpm/rocky-linux/fuse-overlayfs?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"libslirp","purl":"pkg:rpm/rocky-linux/libslirp?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.0-2.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"netavark","purl":"pkg:rpm/rocky-linux/netavark?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.10.3-1.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.10-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"python-podman","purl":"pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.0-3.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"python-podman","purl":"pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.0-3.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"python-podman","purl":"pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.0-3.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"python-podman","purl":"pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.0-3.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"python-podman","purl":"pkg:rpm/rocky-linux/python-podman?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.0-3.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"runc","purl":"pkg:rpm/rocky-linux/runc?distro=rocky-linux-8&epoch=4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:1.2.9-4.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"skopeo","purl":"pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-8&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.14.6-2.module+el8.10.0+40223+e940a224"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"slirp4netns","purl":"pkg:rpm/rocky-linux/slirp4netns?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"toolbox","purl":"pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.0.99.5.1-1.module+el8.10.0+40133+32c21f88.rocky.0.2"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"toolbox","purl":"pkg:rpm/rocky-linux/toolbox?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.0.99.5.1-1.module+el8.10.0+40087+cfe9c127.rocky.0.2"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+40047+0c0a73f4"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+40133+32c21f88"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1948+4b5cd4a9"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+2001+6a33db9f"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1872+2e18eb19"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1874+ce489889"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1880+8e896d1b"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1896+b18fa106"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1815+5fe7415e"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1825+623b0c20"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"udica","purl":"pkg:rpm/rocky-linux/udica?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.6-21.module+el8.10.0+1843+6892ab28"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:38504"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467822"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493620"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:38847","modified":"2026-07-14T00:06:58.062791Z","published":"2026-07-13T12:01:07.269263Z","upstream":["CVE-2026-42055"],"summary":"Important: nginx:1.24 security, bug fix, and enhancement update","details":"nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)\n\nBug Fix(es) and Enhancement(s):\n\n* \"HTTP/2 bomb\" nginx fix breaks module ABI causing crashes [rhel-8.10.z] (JIRA:Rocky Linux-191779)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.24.0-3.module+el8.10.0+40144+38158758"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.24.0-3.module+el8.10.0+40187+52bedf24.1"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:8","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.24.0-3.module+el8.10.0+40220+e6a4bcb0.2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:38847"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489866"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37436","modified":"2026-07-14T00:07:04.827945Z","published":"2026-07-13T00:05:40.038455Z","upstream":["CVE-2026-39821","CVE-2026-39822"],"summary":"Important: golang security, bug fix, and enhancement update","details":"The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)\n\n* os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Go to version 1.26.5+1 [rhel-10.2.z] (JIRA:Rocky Linux-193473)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"golang","purl":"pkg:rpm/rocky-linux/golang?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.5-1.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2498152"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480756"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37435","modified":"2026-07-14T00:07:02.417454Z","published":"2026-07-13T00:03:36.461878Z","upstream":["CVE-2026-39821","CVE-2026-39822"],"summary":"Important: golang security, bug fix, and enhancement update","details":"The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)\n\n* os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Go to version 1.26.5+1 [rhel-9.8.z] (JIRA:Rocky Linux-193476)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"golang","purl":"pkg:rpm/rocky-linux/golang?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.5-1.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37435"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480756"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2498152"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36957","modified":"2026-07-14T00:07:02.104469Z","published":"2026-07-13T00:03:36.461878Z","upstream":["CVE-2025-71066","CVE-2026-46113","CVE-2026-53359"],"summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CVE-2025-71066)\n\n* kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)\n\n* kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role (CVE-2026-53359)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-687.24.1.el9_8"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36957"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429036"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482587"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2497033"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36956","modified":"2026-07-14T00:07:04.726637Z","published":"2026-07-11T12:05:28.871633Z","upstream":["CVE-2025-71066","CVE-2026-46113","CVE-2026-46227","CVE-2026-53359"],"summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CVE-2025-71066)\n\n* kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)\n\n* kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113)\n\n* kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role (CVE-2026-53359)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.12.0-211.32.1.el10_2"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36956"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429036"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482587"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482564"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2497033"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36018","modified":"2026-07-14T00:07:00.228316Z","published":"2026-07-11T12:03:26.258635Z","upstream":["CVE-2025-10263","CVE-2026-43112","CVE-2026-43276","CVE-2026-46116","CVE-2026-46155","CVE-2026-46209","CVE-2026-46227","CVE-2026-46244","CVE-2026-46259","CVE-2026-46316","CVE-2026-46323"],"summary":"Important: kernel security, bug fix, and enhancement update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)\n\n* kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path (CVE-2026-43276)\n\n* kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs (CVE-2026-46323)\n\n* kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (CVE-2026-46116)\n\n* kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)\n\n* kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209)\n\n* kernel: smb/client: fix out-of-bounds read in smb2_compound_op() (CVE-2026-46155)\n\n* kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync (CVE-2026-46244)\n\n* kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (CVE-2026-46259)\n\n* kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources (CVE-2025-10263)\n\n* kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CVE-2026-46316)\n\nBug Fix(es) and Enhancement(s):\n\n* WARNING at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:1585 r535_gsp_fini+0x2fb/0x310 [nouveau] [rhel-9.8.z] (JIRA:Rocky Linux-160966)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-687.22.1.el9_8"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36018"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467015"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467113"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479832"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482523"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482564"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482636"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482660"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484451"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484477"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486958"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486982"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36365","modified":"2026-07-14T00:06:58.095606Z","published":"2026-07-11T06:00:34.602341Z","upstream":["CVE-2026-43112"],"summary":"Important: kernel-rt security update","details":"The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"kernel-rt","purl":"pkg:rpm/rocky-linux/kernel-rt?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.141.1.rt7.482.el8_10"}],"database_specific":{"yum_repository":"NFV"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36365"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467015"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36366","modified":"2026-07-14T00:06:42.295593Z","published":"2026-07-11T06:00:16.443974Z","upstream":["CVE-2026-43112"],"summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"kernel","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.141.1.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36366"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467015"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37072","modified":"2026-07-14T00:07:04.776945Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-25681","CVE-2026-27136","CVE-2026-39829","CVE-2026-39830","CVE-2026-39832","CVE-2026-39835","CVE-2026-42508","CVE-2026-57231"],"summary":"Important: podman security, bug fix, and enhancement update","details":"The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters (CVE-2026-39829)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses (CVE-2026-39830)\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions (CVE-2026-39832)\n\n* golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey (CVE-2026-42508)\n\n* golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass (CVE-2026-27136)\n\n* golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting (CVE-2026-25681)\n\n* podman: Podman: Information disclosure via malicious container image environment variables (CVE-2026-57231)\n\nBug Fix(es) and Enhancement(s):\n\n* podman does not clean up all files and leaves orphaned files consuming disk space [rhel-10.2.z] (JIRA:Rocky Linux-173842)\n\n* [FJ10.2 Bug]: [REG]The \"podman-remote save\" command fails for rootless users. [rhel-10.2.z] (JIRA:Rocky Linux-192440)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"podman","purl":"pkg:rpm/rocky-linux/podman?distro=rocky-linux-10&epoch=7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:5.8.2-4.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37072"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480688"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480761"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480685"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493620"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480757"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36675","modified":"2026-07-14T00:07:04.471153Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-53705"],"summary":"Important: gstreamer1-plugins-good security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow (CVE-2026-53705)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"gstreamer1-plugins-good","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-good?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.7-2.el10_2.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36675"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487615"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36788","modified":"2026-07-14T00:07:04.653878Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-29146","CVE-2026-34486"],"summary":"Important: tomcat security, bug fix, and enhancement update","details":"Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor (CVE-2026-29146)\n\n* Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass (CVE-2026-34486)\n\nBug Fix(es) and Enhancement(s):\n\n* Remove tomcat clustering JAR from RPM builds (JIRA:Rocky Linux-168577)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"tomcat","purl":"pkg:rpm/rocky-linux/tomcat?distro=rocky-linux-10-aarch64&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.1.49-3.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36788"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457027"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457020"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36790","modified":"2026-07-14T00:07:04.609329Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-29146","CVE-2026-34486"],"summary":"Important: tomcat9 security, bug fix, and enhancement update","details":"Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process.  Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.\n\nSecurity Fix(es):\n\n* Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor (CVE-2026-29146)\n\n* Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass (CVE-2026-34486)\n\nBug Fix(es) and Enhancement(s):\n\n* Remove tomcat clustering JAR from RPM builds (JIRA:Rocky Linux-185571)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"tomcat9","purl":"pkg:rpm/rocky-linux/tomcat9?distro=rocky-linux-10-aarch64&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.117-2.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36790"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457027"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457020"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36782","modified":"2026-07-14T00:07:04.563196Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-35406"],"summary":"Moderate: aardvark-dns security update","details":"Authoritative DNS server for A/AAAA container records  Forwards other request to configured resolvers. Read more about configuration in `src/backend/mod.rs`.\n\nSecurity Fix(es):\n\n* aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset (CVE-2026-35406)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"aardvark-dns","purl":"pkg:rpm/rocky-linux/aardvark-dns?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.17.1-1.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36782"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456280"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36749","modified":"2026-07-14T00:07:04.517486Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-52718","CVE-2026-52719","CVE-2026-52720","CVE-2026-52722"],"summary":"Important: gstreamer1-plugins-bad-free security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion (CVE-2026-52718)\n\n* gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder (CVE-2026-52719)\n\n* gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720)\n\n* gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"gstreamer1-plugins-bad-free","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-bad-free?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.7-2.el10_2.4"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36749"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486731"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486353"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486733"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486328"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:35841","modified":"2026-07-14T00:07:04.011859Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-11525","CVE-2026-12151","CVE-2026-42338","CVE-2026-48615","CVE-2026-48618","CVE-2026-48619","CVE-2026-48928","CVE-2026-48930","CVE-2026-48933","CVE-2026-48934","CVE-2026-48935","CVE-2026-6733","CVE-2026-6734","CVE-2026-9678","CVE-2026-9697"],"summary":"Important: nodejs24 security, bug fix, and enhancement update","details":"Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input (CVE-2026-42338)\n\n* undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames (CVE-2026-12151)\n\n* undici: Undici: Information disclosure due to improper cache-control header parsing (CVE-2026-9678)\n\n* undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery. (CVE-2026-6733)\n\n* undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header (CVE-2026-11525)\n\n* undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy (CVE-2026-9697)\n\n* undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing (CVE-2026-6734)\n\n* nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames (CVE-2026-48619)\n\n* nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling (CVE-2026-48930)\n\n* nodejs: Node.js: Unauthorized file metadata modification (CVE-2026-48935)\n\n* nodejs: Node.js WebCrypto: Denial of Service via large input to subtle.encrypt() (CVE-2026-48933)\n\n* nodejs: Node.js: Certification validation bypass in TLS host verification (CVE-2026-48934)\n\n* Node.js: Node.js: Trust-policy bypass due to hostname matching inconsistency (CVE-2026-48928)\n\n* nodejs: Node.js: Information disclosure of proxy credentials via proxy tunnel error handling (CVE-2026-48615)\n\n* nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch (CVE-2026-48618)\n\nBug Fix(es) and Enhancement(s):\n\n* nodejs24: Rebase to the latest Node.js 24 release [rhel-10.2.z] (JIRA:Rocky Linux-186582)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nodejs24","purl":"pkg:rpm/rocky-linux/nodejs24?distro=rocky-linux-10&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:24.18.0-1.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:35841"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490006"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476810"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490008"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490024"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493333"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493329"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493335"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493331"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489980"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493332"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490000"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493326"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490018"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493325"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493337"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36673","modified":"2026-07-14T00:07:04.425307Z","published":"2026-07-10T12:05:34.876921Z","upstream":["CVE-2026-53703"],"summary":"Moderate: gstreamer1-plugins-ugly-free security update","details":"GStreamer is a streaming media framework, based on graphs of elements which operate on media data.  This package contains plug-ins whose license is not fully compatible with LGPL.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser (CVE-2026-53703)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"gstreamer1-plugins-ugly-free","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-ugly-free?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.7-2.el10_2.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36673"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487613"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37123","modified":"2026-07-14T00:07:02.163140Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-25681","CVE-2026-27136","CVE-2026-39829","CVE-2026-39832","CVE-2026-39835","CVE-2026-42508","CVE-2026-57231"],"summary":"Important: podman security, bug fix, and enhancement update","details":"The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters (CVE-2026-39829)\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions (CVE-2026-39832)\n\n* golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey (CVE-2026-42508)\n\n* golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass (CVE-2026-27136)\n\n* golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting (CVE-2026-25681)\n\n* podman: Podman: Information disclosure via malicious container image environment variables (CVE-2026-57231)\n\nBug Fix(es) and Enhancement(s):\n\n* podman does not clean up all files and leaves orphaned files consuming disk space [rhel-9.8.z] (JIRA:Rocky Linux-173988)\n\n* [FJ9.8 Bug]: [REG]The \"podman-remote save\" command fails for rootless users. [rhel-9.8.z] (JIRA:Rocky Linux-192439)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"podman","purl":"pkg:rpm/rocky-linux/podman?distro=rocky-linux-9&epoch=6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6:5.8.2-4.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37123"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480685"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480688"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480757"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480761"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493620"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36879","modified":"2026-07-14T00:07:02.016983Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-29146","CVE-2026-34486"],"summary":"Important: tomcat security, bug fix, and enhancement update","details":"Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor (CVE-2026-29146)\n\n* Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass (CVE-2026-34486)\n\nBug Fix(es) and Enhancement(s):\n\n* Remove tomcat clustering JAR from RPM builds (JIRA:Rocky Linux-183992)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"tomcat","purl":"pkg:rpm/rocky-linux/tomcat?distro=rocky-linux-9-x86-64&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.117-2.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457020"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457027"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37410","modified":"2026-07-14T00:07:02.350883Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-39832","CVE-2026-39835"],"summary":"Important: buildah security update","details":"The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions (CVE-2026-39832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"buildah","purl":"pkg:rpm/rocky-linux/buildah?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.43.1-3.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37410"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480685"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36674","modified":"2026-07-14T00:07:01.763384Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-53703","CVE-2026-53704"],"summary":"Moderate: gstreamer1-plugins-ugly-free security update","details":"GStreamer is a streaming media framework, based on graphs of elements which operate on media data.  This package contains plug-ins whose license is not fully compatible with LGPL.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser (CVE-2026-53703)\n\n* gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser (CVE-2026-53704)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"gstreamer1-plugins-ugly-free","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-ugly-free?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.22.12-6.el9_8.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36674"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487613"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487614"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36834","modified":"2026-07-14T00:07:01.949133Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-52718","CVE-2026-52719","CVE-2026-52720","CVE-2026-52722"],"summary":"Important: gstreamer1-plugins-bad-free security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tile_list_obu parser byte/bit confusion (CVE-2026-52718)\n\n* gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder (CVE-2026-52719)\n\n* gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720)\n\n* gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"gstreamer1-plugins-bad-free","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-bad-free?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.22.12-7.el9_8.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36834"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486328"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486353"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486731"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486733"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36617","modified":"2026-07-14T00:07:00.573128Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-33811"],"summary":"Important: oci-seccomp-bpf-hook security update","details":"OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes.\n\nSecurity Fix(es):\n\n* net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"oci-seccomp-bpf-hook","purl":"pkg:rpm/rocky-linux/oci-seccomp-bpf-hook?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.11-2.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36617"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467822"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37207","modified":"2026-07-14T00:07:02.282437Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-45700"],"summary":"Important: freerdp security update","details":"FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution (CVE-2026-45700)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"freerdp","purl":"pkg:rpm/rocky-linux/freerdp?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.11.7-7.el9_8.4"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37207"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483470"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36832","modified":"2026-07-14T00:07:01.874996Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-8357"],"summary":"Important: libreoffice security update","details":"LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.\n\nSecurity Fix(es):\n\n* libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation (CVE-2026-8357)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"libreoffice","purl":"pkg:rpm/rocky-linux/libreoffice?distro=rocky-linux-9&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:7.1.8.1-15.el9_8.2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36832"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2488964"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37129","modified":"2026-07-14T00:07:02.221468Z","published":"2026-07-10T12:03:38.827258Z","upstream":["CVE-2026-53705"],"summary":"Important: gstreamer1-plugins-good security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow (CVE-2026-53705)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"gstreamer1-plugins-good","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-good?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.22.12-7.el9_8.1"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37129"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487615"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37130","modified":"2026-07-14T00:06:53.708686Z","published":"2026-07-10T06:00:28.519192Z","upstream":["CVE-2026-52720","CVE-2026-52722"],"summary":"Important: gstreamer1-plugins-bad-free security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb (CVE-2026-52720)\n\n* gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling (CVE-2026-52722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"gstreamer1-plugins-bad-free","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-bad-free?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.16.1-8.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37130"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486731"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486733"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:37137","modified":"2026-07-14T00:06:53.753526Z","published":"2026-07-10T06:00:28.519192Z","upstream":["CVE-2026-29146","CVE-2026-34486"],"summary":"Important: tomcat security, bug fix, and enhancement update","details":"Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor (CVE-2026-29146)\n\n* Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass (CVE-2026-34486)\n\nBug Fix(es) and Enhancement(s):\n\n* Remove tomcat clustering JAR from RPM builds (JIRA:Rocky Linux-183993)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"tomcat","purl":"pkg:rpm/rocky-linux/tomcat?distro=rocky-linux-8-x86-64&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.87-2.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:37137"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457020"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457027"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36201","modified":"2026-07-14T00:06:53.500486Z","published":"2026-07-09T06:00:27.431682Z","upstream":["CVE-2026-11610","CVE-2026-11774"],"summary":"Important: 389-ds:1.4 security update","details":"389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. \n\nSecurity Fix(es):\n\n* 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND (CVE-2026-11610)\n\n* 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow (CVE-2026-11774)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"389-ds-base","purl":"pkg:rpm/rocky-linux/389-ds-base?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.3.39-25.module+el8.10.0+40233+16963435"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36201"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484916"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36774","modified":"2026-07-14T00:06:53.659024Z","published":"2026-07-09T06:00:27.431682Z","upstream":["CVE-2026-53705"],"summary":"Important: gstreamer1-plugins-good security update","details":"GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.\n\nSecurity Fix(es):\n\n* gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow (CVE-2026-53705)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"gstreamer1-plugins-good","purl":"pkg:rpm/rocky-linux/gstreamer1-plugins-good?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.16.1-7.el8_10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36774"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487615"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36721","modified":"2026-07-14T00:06:53.611750Z","published":"2026-07-09T06:00:27.431682Z","upstream":["CVE-2025-9230"],"summary":"Moderate: edk2 security, bug fix, and enhancement update","details":"EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)\n\nBug Fix(es) and Enhancement(s):\n\n* [FJ8.10 Bug] How to Update Secure Boot Certificates with Microsoft 2023 in KVM Guests (JIRA:Rocky Linux-151949)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"edk2","purl":"pkg:rpm/rocky-linux/edk2?distro=rocky-linux-8-x86-64&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20220126gitbb1bba3d77-13.el8_10.10"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36721"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396054"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36730","modified":"2026-07-14T00:06:42.384842Z","published":"2026-07-09T06:00:16.850158Z","upstream":["CVE-2026-48864"],"summary":"Moderate: libsolv security update","details":"The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm.\n\nSecurity Fix(es):\n\n* libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data (CVE-2026-48864)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"libsolv","purl":"pkg:rpm/rocky-linux/libsolv?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.7.20-7.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36730"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460425"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36728","modified":"2026-07-14T00:06:42.347681Z","published":"2026-07-09T06:00:16.850158Z","upstream":["CVE-2025-13151"],"summary":"Low: libtasn1 security update","details":"A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.\n\nSecurity Fix(es):\n\n* libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string (CVE-2025-13151)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"libtasn1","purl":"pkg:rpm/rocky-linux/libtasn1?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.13-6.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36728"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427698"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36734","modified":"2026-07-14T00:06:42.431318Z","published":"2026-07-09T06:00:16.850158Z","upstream":["CVE-2025-6170"],"summary":"Low: libxml2 security update","details":"The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling (CVE-2025-6170)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"libxml2","purl":"pkg:rpm/rocky-linux/libxml2?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.9.7-21.el8_10.6"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372952"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36733","modified":"2026-07-14T00:06:42.483834Z","published":"2026-07-09T06:00:16.850158Z","upstream":["CVE-2026-34980"],"summary":"Moderate: cups security update","details":"The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.\n\nSecurity Fix(es):\n\n* cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network (CVE-2026-34980)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L"}],"affected":[{"package":{"ecosystem":"Rocky Linux:8","name":"cups","purl":"pkg:rpm/rocky-linux/cups?distro=rocky-linux-8&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.2.6-68.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36733"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454954"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36639","modified":"2026-07-14T00:07:01.691706Z","published":"2026-07-08T18:03:20.135265Z","upstream":["CVE-2026-42055"],"summary":"Important: nginx:1.26 security, bug fix, and enhancement update","details":"nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)\n\nBug Fix(es) and Enhancement(s):\n\n* nginx:1.26/nginx: \"HTTP/2 bomb\" nginx fix breaks module ABI causing crashes [rhel-9.8.z] (JIRA:Rocky Linux-191774)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.26.3-9.module+el9.8.0+40235+8be1317a.2"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.26.3-9.module+el9.8.0+40222+e48d13b6.1"}],"database_specific":{"yum_repository":"AppStream"}}]},{"package":{"ecosystem":"Rocky Linux:9","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.26.3-9.module+el9.8.0+40194+40adfc1b"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36639"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489866"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36189","modified":"2026-07-14T00:07:04.919650Z","published":"2026-07-08T12:06:34.177947Z","upstream":["CVE-2026-8450"],"summary":"Important: perl-HTTP-Daemon security update","details":"The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests.\n\nSecurity Fix(es):\n\n* perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file() (CVE-2026-8450)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"perl-HTTP-Daemon","purl":"pkg:rpm/rocky-linux/perl-HTTP-Daemon?distro=rocky-linux-10-aarch64&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16-7.el10_2.1"}],"database_specific":{"yum_repository":"CRB"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36189"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481773"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36199","modified":"2026-07-14T00:07:04.218218Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-39829","CVE-2026-39830","CVE-2026-39832","CVE-2026-39835"],"summary":"Important: buildah security update","details":"The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters (CVE-2026-39829)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses (CVE-2026-39830)\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions (CVE-2026-39832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"buildah","purl":"pkg:rpm/rocky-linux/buildah?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.43.1-3.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36199"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480685"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36203","modified":"2026-07-14T00:07:04.272259Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-40033","CVE-2026-44420","CVE-2026-44421","CVE-2026-44422","CVE-2026-45700"],"summary":"Important: freerdp security update","details":"FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP: Remote code execution via heap-buffer-overflow in gdi_CacheToSurface (CVE-2026-40033)\n\n* freerdp: FreeRDP: Arbitrary code execution or denial of service via heap use-after-free in RDPEAR NDR parser (CVE-2026-44422)\n\n* freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution (CVE-2026-45700)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted RDPGFX PDUs (CVE-2026-44421)\n\n* freerdp: FreeRDP: Arbitrary code execution and denial of service via heap-buffer-overflow (CVE-2026-44420)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"freerdp","purl":"pkg:rpm/rocky-linux/freerdp?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:3.10.3-12.el10_2.6"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36203"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483470"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483480"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481473"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483471"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483467"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:35842","modified":"2026-07-14T00:07:04.058827Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-11525","CVE-2026-12151","CVE-2026-42338","CVE-2026-48615","CVE-2026-48618","CVE-2026-48619","CVE-2026-48928","CVE-2026-48930","CVE-2026-48933","CVE-2026-48934","CVE-2026-48935","CVE-2026-6733","CVE-2026-9678"],"summary":"Important: nodejs22 security, bug fix, and enhancement update","details":"Node.js is a platform built on Chrome's JavaScript runtime \\ for easily building fast, scalable network applications. \\ Node.js uses an event-driven, non-blocking I/O model that \\ makes it lightweight and efficient, perfect for data-intensive \\ real-time applications that run across distributed devices.\n\nSecurity Fix(es):\n\n* ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input (CVE-2026-42338)\n\n* undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames (CVE-2026-12151)\n\n* undici: Undici: Information disclosure due to improper cache-control header parsing (CVE-2026-9678)\n\n* undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery. (CVE-2026-6733)\n\n* undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header (CVE-2026-11525)\n\n* nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames (CVE-2026-48619)\n\n* nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling (CVE-2026-48930)\n\n* nodejs: Node.js: Unauthorized file metadata modification (CVE-2026-48935)\n\n* nodejs: Node.js WebCrypto: Denial of Service via large input to subtle.encrypt() (CVE-2026-48933)\n\n* nodejs: Node.js: Certification validation bypass in TLS host verification (CVE-2026-48934)\n\n* Node.js: Node.js: Trust-policy bypass due to hostname matching inconsistency (CVE-2026-48928)\n\n* nodejs: Node.js: Information disclosure of proxy credentials via proxy tunnel error handling (CVE-2026-48615)\n\n* nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch (CVE-2026-48618)\n\nBug Fix(es) and Enhancement(s):\n\n* nodejs22: Rebase to the latest Node.js 22 release [rhel-10.2.z] (JIRA:Rocky Linux-186623)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nodejs22","purl":"pkg:rpm/rocky-linux/nodejs22?distro=rocky-linux-10&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:22.23.1-2.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:35842"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490006"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476810"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490008"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493333"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493329"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493335"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493331"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489980"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493332"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490000"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493326"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493325"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493337"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36193","modified":"2026-07-14T00:07:04.110454Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-8643"],"summary":"Important: python3.14-pip security update","details":"Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite (CVE-2026-8643)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"python3.14-pip","purl":"pkg:rpm/rocky-linux/python3.14-pip?distro=rocky-linux-10-aarch64&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:25.2-3.el10_2.5"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36193"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460927"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36364","modified":"2026-07-14T00:07:04.377648Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-42055"],"summary":"Important: nginx security, bug fix, and enhancement update","details":"nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)\n\nBug Fix(es) and Enhancement(s):\n\n* \"HTTP/2 bomb\" nginx fix breaks module ABI causing crashes [rhel-10.2.z] (JIRA:Rocky Linux-191778)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"nginx","purl":"pkg:rpm/rocky-linux/nginx?distro=rocky-linux-10&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.26.3-6.el10_2.5"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36364"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489866"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36196","modified":"2026-07-14T00:07:04.167182Z","published":"2026-07-08T12:06:21.540749Z","upstream":["CVE-2026-11610","CVE-2026-11774"],"summary":"Important: 389-ds-base security update","details":"389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND (CVE-2026-11610)\n\n* 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow (CVE-2026-11774)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:10","name":"389-ds-base","purl":"pkg:rpm/rocky-linux/389-ds-base?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.0-8.el10_2"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36196"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484916"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36187","modified":"2026-07-14T00:07:02.958066Z","published":"2026-07-08T12:04:06.378376Z","upstream":["CVE-2026-8450"],"summary":"Important: perl-HTTP-Daemon security update","details":"The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests.\n\nSecurity Fix(es):\n\n* perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file() (CVE-2026-8450)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"perl-HTTP-Daemon","purl":"pkg:rpm/rocky-linux/perl-HTTP-Daemon?distro=rocky-linux-9-x86-64&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.12-6.el9_8.1"}],"database_specific":{"yum_repository":"CRB"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36187"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481773"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36195","modified":"2026-07-14T00:07:00.284753Z","published":"2026-07-08T12:03:53.587615Z","upstream":["CVE-2026-11610","CVE-2026-11774"],"summary":"Important: 389-ds-base security update","details":"389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND (CVE-2026-11610)\n\n* 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow (CVE-2026-11774)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"389-ds-base","purl":"pkg:rpm/rocky-linux/389-ds-base?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.8.0-8.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36195"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484916"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]},{"schema_version":"1.7.0","id":"RLSA-2026:36317","modified":"2026-07-14T00:07:00.500497Z","published":"2026-07-08T12:03:53.587615Z","upstream":["CVE-2026-25679","CVE-2026-27145"],"summary":"Important: skopeo security update","details":"The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (CVE-2026-27145)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"affected":[{"package":{"ecosystem":"Rocky Linux:9","name":"skopeo","purl":"pkg:rpm/rocky-linux/skopeo?distro=rocky-linux-9&epoch=2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:1.22.2-7.el9_8"}],"database_specific":{"yum_repository":"AppStream"}}]}],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:36317"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484207"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}],"total":50,"page":1,"size":50,"links":{"first":"/api/v3/osv/?page=1","last":"/api/v3/osv/?page=1","self":"/api/v3/osv/"},"last_updated_at":"2026-07-14T01:04:32Z"}