{"resultsPerPage":9,"startIndex":0,"totalResults":9,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-19T19:12:04.997","vulnerabilities":[{"cve":{"id":"CVE-2024-3727","sourceIdentifier":"secalert@redhat.com","published":"2024-05-14T15:42:07.060","lastModified":"2026-07-19T00:16:37.393","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks."},{"lang":"es","value":"Se encontró una falla en la librería github.com/containers/image. Esta falla permite a los atacantes activar accesos inesperados al registro autenticado en nombre de un usuario víctima, lo que provoca agotamiento de recursos, path traversal local y otros ataques."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/containers/image","packageName":"image","versions":[{"version":"0","lessThan":"5.29.3","versionType":"semver","status":"affected"},{"version":"5.30.0","lessThan":"5.30.1","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"OADP-1.3-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"oadp/oadp-velero-plugin-rhel9","cpes":["cpe:/a:redhat:openshift_api_data_protection:1.3::el9"],"versions":[{"version":"1.3.4-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-central-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-collector-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-collector-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-main-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-operator-bundle","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-rhel8-operator","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-roxctl-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-db-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-v4-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-v4-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.4::el8"],"versions":[{"version":"4.4.5-3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-central-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-collector-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-collector-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-main-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-operator-bundle","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-rhel8-operator","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-roxctl-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-db-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-v4-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-scanner-v4-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.5::el8"],"versions":[{"version":"4.5.2-2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020240808093819.afee755d","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:1.37.2-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:1.16.1-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:5.2.2-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Migration Toolkit for Containers 1.8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhmtc/openshift-migration-controller-rhel8","cpes":["cpe:/a:redhat:rhmt:1.8::el8"],"versions":[{"version":"v1.8.4-22","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9","cpe:/a:redhat:openshift_ironic:4.13::el9"],"versions":[{"version":"3:4.4.1-13.rhaos4.13.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9","cpe:/a:redhat:openshift_ironic:4.13::el9"],"versions":[{"version":"2:1.11.3-3.rhaos4.13.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-lifecycle-manager","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9","cpe:/a:redhat:openshift_ironic:4.14::el9"],"versions":[{"version":"3:4.4.1-19.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9","cpe:/a:redhat:openshift_ironic:4.14::el9"],"versions":[{"version":"2:1.11.3-3.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/network-tools-rhel8","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-api-server-rhel8","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-node-agent-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-alibaba-machine-controllers-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-apiserver-network-proxy-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-cluster-autoscaler-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-cluster-control-plane-machine-set-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-cluster-ingress-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-cluster-network-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-cluster-node-tuning-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-console","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-hypershift-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-insights-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-machine-api-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-multus-admission-controller-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-multus-whereabouts-ipam-cni-rhel8","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-nutanix-machine-controllers-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-openshift-controller-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-lifecycle-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-registry-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-ovn-kubernetes-microshift-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-ovn-kubernetes-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-powervs-cloud-controller-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-powervs-machine-controllers-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-sdn-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-tests","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-tools-rhel8","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"415.92.202409162258-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9","cpe:/a:redhat:openshift_ironic:4.15::el9"],"versions":[{"version":"3:4.4.1-30.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9","cpe:/a:redhat:openshift_ironic:4.15::el9"],"versions":[{"version":"2:1.11.3-4.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-node-agent-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202410230304.p0.g366295f.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-orchestrator-rhel8","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-lifecycle-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9","cpe:/a:redhat:openshift_ironic:4.16::el9"],"versions":[{"version":"4:4.9.4-5.1.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9","cpe:/a:redhat:openshift_ironic:4.16::el9"],"versions":[{"version":"2:1.14.4-1.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"cri-o","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"0:1.29.5-7.rhaos4.16.git7db4ada.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-lifecycle-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202407171536.p0.g1551101.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-orchestrator-rhel9","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202409231504.p0.g342902b.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-node-agent-rhel9","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-olm-operator-controller-rhel9","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-lifecycle-manager-rhel9","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-registry-rhel9","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-orchestrator-rhel9","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/oc-mirror-plugin-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-api-server-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-node-agent-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-agent-installer-orchestrator-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-openshift-apiserver-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHEL-9-CNV-4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"container-native-virtualization/virt-cdi-controller-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4.15::el9"],"versions":[{"version":"v4.15.5-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"multicluster-engine/agent-service-rhel8","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"multicluster-engine/assisted-installer-agent-rhel8","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"multicluster-engine/assisted-installer-reporter-rhel8","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"multicluster-engine/assisted-installer-rhel8","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"multicluster-engine-hive-container","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ocp-tools-4/jenkins-agent-base-rhel8","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ocp-tools-4/jenkins-rhel8","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-serverless-1/client-kn-rhel8","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-serverless-clients","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"OpenShift Source-to-Image (S2I)","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"source-to-image-container","cpes":["cpe:/a:redhat:source_to_image:1"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhacm2/submariner-rhel9-operator","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-central-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-main-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-rhel8-operator","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-roxctl-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-scanner-db-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-scanner-db-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-scanner-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"advanced-cluster-security/rhacs-scanner-slim-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:3"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 1.2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-clients","cpes":["cpe:/a:redhat:ansible_automation_platform"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-clients","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containers-common","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:4.0/buildah","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:4.0/conmon","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:4.0/containers-common","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:4.0/podman","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:4.0/skopeo","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containers-common","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"osbuild-composer","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 3.11","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"atomic-openshift","cpes":["cpe:/a:redhat:openshift:3.11"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 3.11","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:3.11"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"containers-common","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-agent-installer-csr-approver-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-baremetal-installer-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-cli","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-cli-artifacts","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-deployer","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-installer","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-installer-altinfra-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-installer-artifacts-rhel9","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-olm-rukpak-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4/ose-openshift-proxy-pull-test-rhel8","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-clients","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"ose-installer-terraform-providers-container","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform Assisted Installer 1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhai-tech-preview/assisted-installer-agent-rhel8","cpes":["cpe:/a:redhat:assisted_installer:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform Assisted Installer 1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhai-tech-preview/assisted-installer-reporter-rhel8","cpes":["cpe:/a:redhat:assisted_installer:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform Assisted Installer 1","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhai-tech-preview/assisted-installer-rhel8","cpes":["cpe:/a:redhat:assisted_installer:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"devspaces/udi-rhel8","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat Openshift Sandboxed Containers","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-sandboxed-containers/osc-must-gather-rhel9","cpes":["cpe:/a:redhat:openshift_sandboxed_containers:1"]},{"vendor":"Red Hat","product":"Red Hat Openshift Sandboxed Containers","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-sandboxed-containers/osc-rhel8-operator","cpes":["cpe:/a:redhat:openshift_sandboxed_containers:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-apiserver","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-apiserver-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-cloner","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-cloner-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-controller","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-importer","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-importer-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-operator","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-operator-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-uploadproxy","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-uploadproxy-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-uploadserver","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-native-virtualization/virt-cdi-uploadserver-rhel9","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"osp-director-provisioner-container","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"quay/quay-builder-rhel8","cpes":["cpe:/a:redhat:quay:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-13T17:59:41.318223Z","id":"CVE-2024-3727","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-354"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:0045","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3718","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:4159","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:4613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:4850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:4960","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:5258","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:5951","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:6054","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:6122","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:6708","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:6818","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:6824","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7164","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7174","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7182","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7187","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7922","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:7941","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:8260","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:8425","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9097","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9098","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9102","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9960","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-3727","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274767","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:0045","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:4159","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:4613","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2024-3727","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274767","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-49794","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:18.997","lastModified":"2026-07-19T00:16:38.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path=\"...\"/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors."},{"lang":"es","value":"Se detectó una vulnerabilidad de use-after-free en libxml2. Este problema se produce al analizar elementos XPath en ciertas circunstancias cuando el esquema XML contiene los elementos de esquema . Esta falla permite a un actor malicioso manipular un documento XML malicioso que se utiliza como entrada para libxml, lo que provoca el bloqueo del programa al usar libxml u otros posibles comportamientos indefinidos."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.15.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.9.1-6.el7_9.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.9.7-9.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:2.9.13-1.el9_0.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"],"versions":[{"version":"0:2.9.13-3.el9_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:2.9.13-10.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202510291903-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202510150118-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202510211419-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202510112152-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202510230424-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.19::el9"],"versions":[{"version":"4.19.9.6.202510140714-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202509251656-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.12::el9"],"versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-operator-bundle","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","cpes":["cpe:/a:redhat:cert_manager:1.16::el9"],"versions":[{"version":"v1.16.5-1760515757","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"],"versions":[{"version":"v1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1.5.5-1754504343","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T15:50:46.041375Z","id":"CVE-2025-49794","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10698","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10699","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:11580","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12098","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12099","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12199","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12237","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12239","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12241","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15397","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18217","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18218","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19041","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19046","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19894","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-49794","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372373","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/931","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-49796","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:19.370","lastModified":"2026-07-19T00:16:38.787","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."},{"lang":"es","value":"Se encontró una vulnerabilidad en libxml2. El procesamiento de ciertos elementos sch:name del archivo XML de entrada puede provocar un problema de corrupción de memoria. Esta falla permite a un atacante manipular un archivo XML de entrada malicioso que puede provocar el bloqueo de libxml, lo que resulta en una denegación de servicio u otro posible comportamiento indefinido debido a la corrupción de datos confidenciales en la memoria."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.15.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.9.1-6.el7_9.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.9.7-9.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:2.9.13-1.el9_0.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"],"versions":[{"version":"0:2.9.13-3.el9_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:2.9.13-10.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202510291903-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202510150118-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202510211419-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202510112152-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202510230424-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.19::el9"],"versions":[{"version":"4.19.9.6.202510140714-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202509251656-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.12::el9"],"versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-operator-bundle","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","cpes":["cpe:/a:redhat:cert_manager:1.16::el9"],"versions":[{"version":"v1.16.5-1760515757","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"],"versions":[{"version":"v1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"2.0.1-1754478727","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1.5.5-1754504343","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T15:32:55.790163Z","id":"CVE-2025-49796","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10698","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10699","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:11580","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12098","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12099","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12199","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12237","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12239","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12241","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13267","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15397","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18217","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18218","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19041","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19046","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19894","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-49796","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372385","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/933","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-12103","sourceIdentifier":"secalert@redhat.com","published":"2025-10-28T14:15:55.847","lastModified":"2026-07-19T01:17:01.750","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to  get, list, watch any pod in any namespace on the cluster.\n\nTrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster \n\nAdditionally users can access all `persistentvolumeclaims` and `lmevaljobs`"}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI 2.25","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhoai/odh-ta-lmes-driver-rhel9","cpes":["cpe:/a:redhat:openshift_ai:2.25::el9"],"versions":[{"version":"1776243252","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 3.0","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhoai/odh-trustyai-service-operator-rhel9","cpes":["cpe:/a:redhat:openshift_ai:3.0::el9"],"versions":[{"version":"v3.0.0-1762251316","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhoai/odh-trustyai-service-operator-rhel8","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-10-28T13:43:51.831220Z","id":"CVE-2025-12103","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:21117","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:10184","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-12103","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405966","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-9165","sourceIdentifier":"secalert@redhat.com","published":"2026-07-06T09:16:39.400","lastModified":"2026-07-19T01:17:02.260","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane."},{"lang":"es","value":"Se ha detectado una vulnerabilidad en Red Hat Advanced Cluster Security para Kubernetes (RHACS). Central no limita la profundidad de las consultas GraphQL que se sirven en la API GraphQL autenticada. Un usuario autenticado con un token de API válido puede enviar consultas profundamente anidadas que provocan un consumo excesivo de recursos en Central, lo que da lugar a una denegación de servicio en el plano de gestión."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-main-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.9::el8"],"versions":[{"version":"1783357116","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.10","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-main-rhel8","cpes":["cpe:/a:redhat:advanced_cluster_security:4.10::el8"],"versions":[{"version":"1783357140","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.11","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"advanced-cluster-security/rhacs-main-rhel9","cpes":["cpe:/a:redhat:advanced_cluster_security:4.11::el9"],"versions":[{"version":"1783352589","lessThan":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:00:57.848857Z","id":"CVE-2026-9165","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36207","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36625","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-9165","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480505","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-16198","sourceIdentifier":"cna@vuldb.com","published":"2026-07-19T00:16:40.650","lastModified":"2026-07-19T00:16:40.650","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. The impacted element is an unknown function of the file web/backend/middleware/access_control.go of the component First Run Setup. Performing a manipulation of the argument allowed_cidrs results in authentication bypass using alternate channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit is now public and may be used. The patch is named 017601354be38cb027ff3ffb01aed79bd5d12610. Applying a patch is the recommended action to fix this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Sipeed","product":"PicoClaw","cpes":["cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*"],"modules":["First Run Setup"],"versions":[{"version":"0.2.0","status":"affected"},{"version":"0.2.1","status":"affected"},{"version":"0.2.2","status":"affected"},{"version":"0.2.3","status":"affected"},{"version":"0.2.4","status":"affected"},{"version":"0.2.5","status":"affected"},{"version":"0.2.6","status":"affected"},{"version":"0.2.7","status":"affected"},{"version":"0.2.8","status":"affected"},{"version":"0.2.9","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://github.com/sipeed/picoclaw/","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/commit/017601354be38cb027ff3ffb01aed79bd5d12610","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/issues/3080","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/pull/3083","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16198","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/852965","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380014","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380014/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16199","sourceIdentifier":"cna@vuldb.com","published":"2026-07-19T00:16:40.830","lastModified":"2026-07-19T00:16:40.830","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This affects the function ExecTool.Execute of the file goclaw/internal/tools/credentialed_exec.go. Executing a manipulation can lead to improper authorization. The attack may be launched remotely. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"nextlevelbuilder","product":"GoClaw","cpes":["cpe:2.3:a:nextlevelbuilder:goclaw:*:*:*:*:*:*:*:*"],"versions":[{"version":"3.13.3-beta.0","status":"affected"},{"version":"3.13.3-beta.1","status":"affected"},{"version":"3.13.3-beta.2","status":"affected"},{"version":"3.13.3-beta.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-266"},{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/nextlevelbuilder/goclaw/","source":"cna@vuldb.com"},{"url":"https://github.com/nextlevelbuilder/goclaw/issues/1215","source":"cna@vuldb.com"},{"url":"https://github.com/nextlevelbuilder/goclaw/issues/1215#issuecomment-4760153807","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16199","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857621","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380015","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380015/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16200","sourceIdentifier":"cna@vuldb.com","published":"2026-07-19T01:17:01.900","lastModified":"2026-07-19T01:17:01.900","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in zevorn rt-claw up to 0.2.0. This impacts the function claw_tool_invoke of the file claw/services/swarm/swarm.c of the component RPC Handler. The manipulation leads to incorrect authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"zevorn","product":"rt-claw","cpes":["cpe:2.3:a:zevorn:rt-claw:*:*:*:*:*:*:*:*"],"modules":["RPC Handler"],"versions":[{"version":"0.1","status":"affected"},{"version":"0.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/zevorn/rt-claw/","source":"cna@vuldb.com"},{"url":"https://github.com/zevorn/rt-claw/issues/133","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16200","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857622","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380016","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380016/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16201","sourceIdentifier":"cna@vuldb.com","published":"2026-07-19T01:17:02.087","lastModified":"2026-07-19T01:17:02.087","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function claw_net_get/claw_net_post of the file claw/services/tools/net.c of the component http_request. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"zevorn","product":"rt-claw","cpes":["cpe:2.3:a:zevorn:rt-claw:*:*:*:*:*:*:*:*"],"modules":["http_request"],"versions":[{"version":"0.1","status":"affected"},{"version":"0.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://github.com/zevorn/rt-claw/","source":"cna@vuldb.com"},{"url":"https://github.com/zevorn/rt-claw/issues/136","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16201","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857623","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380017","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380017/cti","source":"cna@vuldb.com"}]}}]}