{"resultsPerPage":3,"startIndex":0,"totalResults":3,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-23T20:24:47.124","vulnerabilities":[{"cve":{"id":"CVE-2026-4424","sourceIdentifier":"secalert@redhat.com","published":"2026-03-19T15:16:28.300","lastModified":"2026-05-21T04:16:29.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction."},{"lang":"es","value":"Se encontró una falla en libarchive. Esta vulnerabilidad de lectura fuera de límites de la pila (heap) existe en la lógica de procesamiento de archivos RAR debido a una validación incorrecta del tamaño de la ventana deslizante LZSS después de las transiciones entre métodos de compresión. Un atacante remoto puede explotar esto al proporcionar un archivo RAR especialmente diseñado, lo que lleva a la divulgación de información sensible de la memoria de la pila (heap) sin requerir autenticación ni interacción del usuario."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libarchive:libarchive:-:*:*:*:*:*:*:*","matchCriteriaId":"6A51945D-40D7-4C28-B0BB-774687265DCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*","matchCriteriaId":"0EBB38E1-4161-402D-8A37-74D92891AAC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*","matchCriteriaId":"D3056B67-E5C4-40A0-86BF-1D9E6637B13F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*","matchCriteriaId":"0EC48A26-5827-4EC0-BE90-EA25F0A9B56C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E28F226A-CBC7-4A32-BE58-398FA5B42481"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:10065","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10097","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11768","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12071","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:12274","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:13812","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:14773","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:14937","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:15087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16008","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16009","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16030","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16174","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:17596","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19724","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19725","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8492","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8510","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8517","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8521","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8534","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8864","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8867","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8908","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:8944","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:9026","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:9592","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-4424","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449006","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/libarchive/libarchive/pull/2898","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-5121","sourceIdentifier":"secalert@redhat.com","published":"2026-03-30T08:16:18.780","lastModified":"2026-05-21T04:16:31.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system."},{"lang":"es","value":"Se encontró un fallo en libarchive. En sistemas de 32 bits, existe una vulnerabilidad de desbordamiento de entero en la lógica de asignación de punteros de bloque zisofs. Un atacante remoto puede explotar esto al proporcionar una imagen ISO9660 especialmente diseñada, lo que puede llevar a un desbordamiento de búfer de pila. Esto podría permitir potencialmente la ejecución de código arbitrario en el sistema afectado."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libarchive:libarchive:-:*:*:*:*:*:*:*","matchCriteriaId":"6A51945D-40D7-4C28-B0BB-774687265DCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:10065","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:10097","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:11768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:12071","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:12274","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:13812","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:14773","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:14937","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:15087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16008","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16009","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16030","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16174","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:17596","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19724","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19725","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8510","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8517","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8521","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8534","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8864","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8866","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8867","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8873","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8908","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:8944","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:9026","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:9592","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:9832","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-5121","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452945","source":"secalert@redhat.com"},{"url":"https://github.com/advisories/GHSA-2vwv-vqpv-v8vc","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://github.com/libarchive/libarchive/pull/2934","source":"secalert@redhat.com","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-5201","sourceIdentifier":"secalert@redhat.com","published":"2026-03-31T09:16:23.440","lastModified":"2026-05-21T04:16:31.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions."},{"lang":"es","value":"Se encontró un fallo en la biblioteca gdk-pixbuf. Esta vulnerabilidad de desbordamiento de búfer basado en montículo ocurre en el cargador de imágenes JPEG debido a una validación incorrecta del recuento de componentes de color al procesar una imagen JPEG especialmente diseñada. Un atacante remoto puede explotar este fallo sin interacción del usuario, por ejemplo, a través de la generación de miniaturas. La explotación exitosa conduce a bloqueos de la aplicación y condiciones de denegación de servicio (DoS)."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:gdk-pixbuf:-:*:*:*:*:*:*:*","matchCriteriaId":"66105200-1A98-42B1-B0DB-012B0CC1C0CB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E28F226A-CBC7-4A32-BE58-398FA5B42481"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"F1CA946D-1665-4874-9D41-C7D963DD1F56"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:10707","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10708","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10741","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11325","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11326","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11327","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11328","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11806","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12060","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12061","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12062","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12114","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12115","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:16008","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16009","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16030","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:16174","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19127","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19210","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19724","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:19725","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-5201","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453291","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2026/04/msg00010.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}